Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 111

Ransomware Backups VPN Authentication 111

CyberSecurity Insiders

FEBRUARY 21, 2023

All these days we have read about ransomware spreading groups stealing data and then threatening to release it online, if the victim fails to pay heed to their demands. But now a new file encrypting malware variant has emerged onto the block that demands ransom, based on the insurance cover.

Insurance 124

Insurance Ransomware Cyber Insurance Encryption 124

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. The attack was carried out by the Cactus ransomware gang , which claims to have stolen terabytes of corporate data from the company. The Cactus ransomware relies on multiple legitimate tools (e.g.

Ransomware 126

Ransomware Hacking Data breaches Digital transformation 126

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative.

Ransomware 113

Ransomware Hacking Healthcare Retail 113

Security Affairs

MARCH 20, 2024

security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. In early March, Rapid7 researchers disclosed two new critical security vulnerabilities, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score:7.3), in JetBrains TeamCity On-Premises.

Malware 117

Malware Authentication Cryptocurrency Ransomware 117

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 87

Ransomware Backups VPN Authentication 87

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. ” states the report published by the NJCCIC. 177 and 185[.]215[.]113[.]66.

Phishing 111

Phishing Ransomware Security Awareness Authentication 111

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. The threat actors had access to the company systems between September 4 and September 30, 2023, when they deployed ransomware.

Data breaches 105

Data breaches Ransomware Manufacturing Encryption 105

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. It was this first time that the operators adopted this tactic.

Ransomware 106

Ransomware Encryption Antivirus VPN 106

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware 128

Ransomware VPN Education Hacking 128

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ransomware to evade sanctions.

Hacking 132

Hacking Ransomware Cybersecurity Cybercrime 132

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 116

Ransomware System Administration Antivirus Malware 116

Security Affairs

JUNE 5, 2021

Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI). The researchers reported that ransomware uses the AES and RSA encryption methods.

Ransomware 125

Ransomware Malware Encryption Financial Services 125

Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4.

Ransomware 107

Ransomware Cybersecurity Encryption VPN 107

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. What used to be a focus on physical safety has now shifted to cybersecurity due to the widened attack surface that connected cars present.

Malware 230

Malware Manufacturing IoT Software 230

Security Affairs

NOVEMBER 10, 2023

The IT giant linked the attacks to the Clop ransomware gang (aka Lace Tempest ). The Lace Tempest operators exploited the vulnerability to issue commands via the SysAid software to deliver a loader for the Gracewire malware (aka FlawedGrace ). The software firm engaged the cybersecurity firm Profero to investigate the issue.

Ransomware 104

Ransomware Malware Software Internet 104

Malwarebytes

FEBRUARY 12, 2024

Today on the Lock and Code podcast … If your IT and security teams think malware is bad, wait until they learn about everything else. In fact, some attacks have gone so “quiet” that they involve no malware at all. But not every organization has that at hand. What, then, are IT-constrained businesses to do?

Malware 72

Malware Ransomware Antivirus Information Security 72

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the Car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company.

Hacking 128

Hacking Ransomware Data breaches Manufacturing 128

Security Affairs

NOVEMBER 28, 2019

A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it. The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. SecurityAffairs – hacking, ransomware).

Ransomware 117

Ransomware Cybersecurity Telecommunications Advertising 117

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 117

Ransomware Insurance Technology Encryption 117

CyberSecurity Insiders

JUNE 29, 2023

Granules, the Indian Pharmaceutical company that manufactures Paracetamol has released an official statement that a ransomware attack that targeted its servers last month has resulted in substantial loss of revenue and profitability.

Ransomware 83

Ransomware Backups Manufacturing Encryption 83

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware 108

Ransomware VPN Government Retail 108

Security Affairs

APRIL 20, 2023

Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to deploy Trigona ransomware. ” reads the report published by AhnLab.

Ransomware 85

Ransomware Malware Encryption Hacking 85

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. BTC (about 157,000 EURO).

Ransomware 112

Ransomware Backups Encryption Healthcare 112

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. ransomware ??????: In 2022, Boeing recorded $66.61 In 2022, Boeing recorded $66.61

Ransomware 131

Ransomware Manufacturing InfoSec Hacking 131

Security Affairs

MAY 9, 2021

CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant.

Ransomware 122

Ransomware Penetration Testing Malware Cybercrime 122

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. SecurityAffairs – hacking, Black Basta ransomware).

Ransomware 141

Ransomware Backups Malware Firewall 141

Security Affairs

APRIL 3, 2024

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.”

Ransomware 99

Ransomware Hacking Technology Cybersecurity 99

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime 119

Cybercrime Ransomware DDOS Encryption 119

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware 95

Ransomware Healthcare Encryption Manufacturing 95

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). MSI is headquartered in Taipei, Taiwan.

Ransomware 88

Ransomware Firmware Hacking Manufacturing 88

Security Affairs

OCTOBER 1, 2023

Bleeping Computer last week reported that Johnson Controls International has suffered a ransomware attack that impacted many systems of the company. Threat actors initially breached the systems at Asia offices, the ransomware also targeted the VMware ESXi servers. reported Bleeping Computer. reads the 8-K form filed with SEC. “To

Ransomware 127

Ransomware Insurance Technology Encryption 127

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 109

Ransomware Government Hacking Cyber Attacks 109

Security Affairs

NOVEMBER 28, 2023

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. The healthcare provider disclosed that it has suffered a ransomware attack on November 23. ” reads the notice of security incident published by the company.

Healthcare 99

Healthcare Ransomware Technology Internet 99

Security Affairs

MARCH 3, 2021

Cybersecurity firm Qualys seems to have suffered a data breach, threat actors allegedly exploited zero-day flaw in their Accellion FTA server. Cybersecurity firm Qualys is the latest victim of a cyber attack, the company was likely hacked by threat actors that exploited a zero-day vulnerability in their Accellion FTA server.

Ransomware 129

Ransomware Cybersecurity Cyber Attacks Data breaches 129

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 108

Ransomware Data collection Cyber threats Hacking 108

Security Affairs

DECEMBER 15, 2023

Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms.

Ransomware 103

Ransomware Financial Services Cyber Attacks Cybersecurity 103