SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.

Ransomware 85

Ransomware Cybercrime Cryptocurrency Telecommunications 85

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The researchers assess with high confidence that the group is using the leaked Babuk ransomware source code.

Ransomware 86

Ransomware Encryption Cybercrime Insurance 86

Security Affairs

NOVEMBER 24, 2022

RansomExx ransomware is the last ransomware in order of time to have a version totally written in the Rust programming language. The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported into the Rust programming language.

Ransomware 99

Ransomware Encryption Malware Manufacturing 99

SecureWorld News

NOVEMBER 2, 2023

The global rise of ransomware attacks over the last several years has become an urgent concern, as cybercriminals relentlessly target organizations and individuals, demanding exorbitant ransoms for the release of vital encrypted data. By refusing to pay ransoms, the coalition aims to degrade the lucrative ransomware ecosystem.

Ransomware 92

Ransomware Financial Services Healthcare Cyber threats 92

Security Affairs

SEPTEMBER 13, 2021

Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Technology 116

Technology Ransomware Computers and Electronics Cybercrime 116

Security Affairs

MARCH 3, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. ” reads the alert.

Ransomware 91

Ransomware Healthcare Antivirus Encryption 91

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations.

Ransomware 138

Ransomware Hacking Malware Encryption 138

Security Affairs

DECEMBER 27, 2021

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. The attackers first create a user in the administrator group, then use it to encrypt the content of the NAS. and 1.0.6).”

Ransomware 125

Ransomware Encryption Manufacturing Hacking 125

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware 109

Ransomware VPN Encryption Cybercrime 109

Security Affairs

JANUARY 28, 2022

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware. Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. SecurityAffairs – hacking, Conti ransomware). Pierluigi Paganini.

Computers and Electronics 90

Computers and Electronics Ransomware Manufacturing Malware 90

Security Affairs

JUNE 28, 2023

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. and Brazil. ” reported NCC.

Ransomware 88

Ransomware Encryption Manufacturing Business Services 88

SecureWorld News

MARCH 3, 2023

The City of Oakland recently experienced a ransomware attack that disrupted services and caused the city to declare a state of emergency, displaying the real-world consequences that cyberattacks can have. The cyber gang uses a combination of encryption algorithms to lock the files, making them impossible to recover without the decryption key.

Ransomware 79

Ransomware Encryption InfoSec Manufacturing 79

Security Affairs

MAY 4, 2023

The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems. The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. However, CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. Source J.D.

Ransomware 94

Ransomware Healthcare Education Encryption 94

SecureList

JULY 20, 2022

If we look back at what we covered last month, we will see that ransomware (surprise, surprise!) In this blog post, we provide several excerpts from last month’s reports on new ransomware strains. Luna: brand-new ransomware written in Rust. definitely stands out. Command line options available in Luna. Black Basta.

Ransomware 95

Ransomware Encryption Advertising Malware 95

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. ” continues the report.

Ransomware 105

Ransomware Surveillance Healthcare Accountability 105

Security Affairs

JUNE 11, 2021

The Avaddon ransomware gang has shut down its operations and released the decryption keys to allow victims to recover their files for free. Good news for the victims of the Avaddon ransomware gang , the cybercrime group has shut down its operations and provided the decryption keys to BleepingComputer website. Do not pay.

Ransomware 137

Ransomware Passwords Manufacturing Healthcare 137

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 97

Ransomware Malware Data collection Encryption 97

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors.

Energy and Utilities 84

Energy and Utilities Ransomware Backups Malware 84

Security Affairs

AUGUST 10, 2021

A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors. A newly variant of the eCh0raix ransomware is able to infect Network-Attached Storage (NAS) devices from Taiwanese vendors QNAP and Synology. ” reads the report published by Palo Alto Researchers.

Ransomware 127

Ransomware Encryption Firmware Passwords 127

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks. The ransomware can be deployed as a

Ransomware 88

Ransomware Encryption Firmware Backups 88

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 99

Ransomware DDOS Passwords Backups 99

Security Affairs

AUGUST 21, 2021

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. “The LockFile ransomware was first observed on the network of a U.S.

Ransomware 136

Ransomware Financial Services Hacking Encryption 136

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius ) have demanded over 145 million U.S. “Since spring 2022, Cuba ransomware actors have expanded their TTPs.

Ransomware 85

Ransomware Financial Services Manufacturing Healthcare 85

SecureList

APRIL 11, 2023

While the majority of zero-days that we’ve discovered in the past were used by APTs, this particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks. Using the CVE-2023-28252 zero-day, this group attempted to deploy the Nokoyawa ransomware as a final payload. com qooqle[.]top

Ransomware 125

Ransomware Malware Engineering Technology 125

Security Affairs

JUNE 26, 2022

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations.

Ransomware 83

Ransomware Manufacturing Cybercrime Malware 83

Security Affairs

OCTOBER 24, 2020

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware, the incident impacted reservation systems. Boyne Resorts was the victim of WastedLocker ransomware attack, the incident has impacted reservation systems. This group has been active since at least 2007, in December 2019, the U.S.

Ransomware 87

Ransomware Telecommunications Banking Advertising 87

Security Affairs

JANUARY 8, 2024

Ultra provides critical tactical capabilities including cybersecurity and remote cryptographic management systems for clients including the DoD, FBI, DEA, NATO, AT&T… pic.twitter.com/MrnRNNiJsa — Dominic Alvieri (@AlvieriD) December 27, 2023 The ransomware gang stole around 30 gigabytes of sensitive documents from the US company.

Hacking 111

Hacking Data breaches Ransomware Manufacturing 111

Security Affairs

MAY 16, 2023

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. ” reported Yahoo Finance.

Manufacturing 86

Manufacturing Ransomware Cyber Attacks Backups 86

Security Affairs

FEBRUARY 21, 2024

government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. According to the press release published by the Department of State , the Lockbit ransomware operators carried out over 2,000 attacks against victims worldwide since January 2020.

Energy and Utilities 91

Energy and Utilities Ransomware Manufacturing Financial Services 91

Security Affairs

JULY 2, 2023

Illicit Telegram Communities Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant Malware Trojanized Super Mario Game Installer Spreads SupremeBot Malware Initial research exposing JOKERSPY Who is 8BASE?

Cybercrime 88

Cybercrime Hacking Ransomware Malware 88

Security Affairs

JANUARY 12, 2020

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. Pierluigi Paganini.

Ransomware 71

Ransomware Manufacturing Advertising Encryption 71

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. Another notable Ransomware trend: new methods of intimidation.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

Security Affairs

FEBRUARY 20, 2024

Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation.

Energy and Utilities 101

Energy and Utilities Ransomware Manufacturing Financial Services 101

CyberSecurity Insiders

SEPTEMBER 20, 2021

In addition, workers are trained to identify ransomware attacks and business email compromise funds. Encryption and data backup. Data encryption is a protection strategy that renders data useless even when an intruder accesses it. Additionally, backing up your data and storing it helps you stay safe from ransomware attackers.

Cybersecurity 121

Cybersecurity Insurance Passwords Encryption 121

SecureWorld News

MARCH 9, 2023

North Korea's cyber program poses a sophisticated and agile espionage, cybercrime, and attack threat. Transnational organized ransomware actors continue to improve and execute high-impact ransomware attacks, extorting funds, disrupting critical services, and exposing sensitive data. and allied networks and data.

Technology 73

Technology Cybercrime Ransomware Government 73

Security Affairs

AUGUST 29, 2021

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder. .

Manufacturing 123

Manufacturing Data breaches Encryption Hacking 123

Identity IQ

DECEMBER 20, 2023

The methods used by cybercriminals in 2023 varied with cyberattacks, physical attacks, and system errors targeting everything from critical infrastructure to manufacturing to healthcare databases. This signals a new era of cybercrime where private data becomes prized currency, putting every email address and credit card number at risk.

Data breaches 72

Data breaches Identity Theft Cybercrime Social Engineering 72