Security Affairs

DECEMBER 14, 2021

Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. Experts warn that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. SecurityAffairs – hacking, ransomware).

Ransomware 145

Ransomware Encryption Engineering Malware 145

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The victim shaming site maintained by the NetWalker ransomware group, after being seized by authorities this week. ” Image: Chainalysis.

Ransomware 288

Ransomware Cybercrime Antivirus Encryption 288

Security Affairs

NOVEMBER 5, 2021

A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware.

Ransomware 141

Ransomware Backups Encryption DNS 141

Malwarebytes

FEBRUARY 13, 2023

New encryption routine Victims have reported a new variant of the encryptor that no longer leaves large chunks of data unencrypted. The recovery script released by CISA for organizations that have fallen victim to ESXiArgs ransomware reportedly no longer works for this new variant.

Encryption 81

Encryption Ransomware Internet Internet 81

Security Affairs

MARCH 9, 2023

The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was employed in attacks against several media and entertainment organizations worldwide. to deploy the ransomware.

Ransomware 98

Ransomware Encryption Media Phishing 98

CyberSecurity Insiders

JUNE 27, 2023

One such threat is smartphone ransomware, a malicious software that can wreak havoc on our digital lives. In this article, we will explore the concept of smartphone ransomware, its potential consequences, and most importantly, the measures you can take to protect yourself from this growing menace.

Ransomware 107

Ransomware Antivirus Backups Encryption 107

Malwarebytes

FEBRUARY 6, 2024

Top of the list is “Big Game” ransomware, the most serious cyberthreat to businesses all around the world. Big game attacks extort vast ransoms from organizations by holding their data hostage—either with encryption, the threat of damaging data leaks, or both. READ THE REPORT

Ransomware 119

Ransomware Cybercrime Malware Social Engineering 119

Security Affairs

JULY 1, 2023

Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Files are encrypted by Chacha 2008 ( D.

Ransomware 98

Ransomware Encryption Malware Hacking 98

Security Affairs

JUNE 6, 2023

Researchers from security firm Uptycs reported that threat actors linked to the Cyclops ransomware are offering a Go-based information stealer. The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. ” reads the report. ” reads the report.

Ransomware 94

Ransomware Encryption Cybercrime Malware 94

Security Affairs

OCTOBER 19, 2021

Trustwave’s SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files. Researchers from Trustwave’s SpiderLabs have released a decryptor that can allow victims of the BlackByte ransomware to restore their files for free.

Ransomware 118

Ransomware Encryption Malware Hacking 118

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations.

Ransomware 142

Ransomware Hacking Malware Encryption 142

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. ” reads a blog post published by Bleepingcomputer.

Encryption 100

Encryption Ransomware Cryptocurrency Passwords 100

Security Affairs

MARCH 26, 2019

Good news for the victims of the Hacked Ransomware, the security firm Emsisoft has released a free decryptor to decrypt the data of infected computers. Security experts at Emsisoft released a free decryptor for the Hacked Ransomware. SecurityAffairs – Hacked ransomware , malware). Pierluigi Paganini.

Encryption 109

Encryption Hacking Ransomware Advertising 109

Security Affairs

JULY 5, 2023

RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors. igrejaatos2[.]org/assets/programs/setupbrowser.exe

Energy and Utilities 98

Energy and Utilities Ransomware Backups Malware 98

SecureList

DECEMBER 13, 2023

In recent months, we have written private reports on a wide range of topics, such as new cross-platform ransomware, macOS stealers and malware distribution campaigns. In this article, we share excerpts from our reports on the FakeSG campaign, the Akira ransomware and the AMOS stealer. For an example, look at the image below.

Ransomware 103

Ransomware Passwords Malware Encryption 103

Security Affairs

NOVEMBER 19, 2022

Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware. The DEV-0569 group carries out malvertising campaigns to spread links to a signed malware downloader posing as software installers or fake updates embedded in spam messages, fake forum pages, and blog comments.

Ransomware 139

Ransomware Malware Antivirus Phishing 139

Security Affairs

JUNE 10, 2022

The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has been active since at least January 2020. The ransomware encrypts files on the targeted systems using the “.cuba” The ransomware encrypts files on the targeted systems using the “.cuba”

Ransomware 135

Ransomware Malware Encryption Hacking 135

Malwarebytes

APRIL 6, 2023

contains encrypted malicious code—meaning it cannot be read plainly. also contains two hard-coded download URLs, both served on the malicious domain infoamanewonliag[.]online. The same IP also hosts the illicit domain the payloads were downloaded from. Its purpose is to load another JS script called update.js

Computers and Electronics 98

Computers and Electronics Malware Scams Encryption 98

Security Affairs

JANUARY 6, 2023

Microsoft warns of different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) targeting Apple macOS systems. Microsoft Security Threat Intelligence team warns of four different ransomware families ( KeRanger , FileCoder , MacRansom , and EvilQuest ) that impact Apple macOS systems.

Ransomware 98

Ransomware Encryption Malware Hacking 98

CyberSecurity Insiders

NOVEMBER 1, 2022

A new ransomware named ‘Azov Ransomware’ is found framing cybersecurity researchers as it doesn’t demand any ransom from its victims, instead it is asking them to contact forensic experts from a firm in the vicinity and do as per their instructions. And is being downloaded after the purchase of SmokeLoader dropper.

Ransomware 127

Ransomware Cybersecurity Software Malware 127

CyberSecurity Insiders

OCTOBER 27, 2022

Microsoft, the technology giant of America, has linked Clop Ransomware gang’s whereabouts to a corporate network that was previously hit by Raspberry Robin worm. Meaning the said malware is acting as an access point to hackers spreading the said version of file encrypting malware.

Ransomware 109

Ransomware Manufacturing Retail Encryption 109

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” concludes the report.

Encryption 84

Encryption Ransomware Malware Scams 84

Security Affairs

OCTOBER 5, 2022

The security firm discovered a bug in the encryption process implemented by the Hades ransomware that can be used to recover the files encrypted by some variants. “We discovered a vulnerability in the encryption schema that allows some of the variants to be decrypted without paying the ransom.

Ransomware 98

Ransomware Encryption Backups Passwords 98

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

Hacker Combat

APRIL 6, 2022

Ransomware attacks targeting governments, businesses, hospitals, and private individuals are rising. You are neither safe on your private nor public network, as ransomware can encrypt your files and hold them hostage. We will look at the features of some of the best ransomware protection that you can run on your systems.

Ransomware 108

Ransomware Antivirus Encryption Passwords 108

Security Affairs

MAY 15, 2023

A previously unknown ransomware group known as RA Group is targeting companies in U.S. Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. The researchers assess with high confidence that the group is using the leaked Babuk ransomware source code.

Ransomware 98

Ransomware Encryption Cybercrime Insurance 98

Malwarebytes

FEBRUARY 17, 2023

The tag-team campaign serves up ransomware known as Mortal Kombat, which borrows the name made famous by the video game, and Laplas Clipper malware, a clipboard stealer. The BAT loader kicks off a chain of events that results in the download and execution of the ransomware or the clipper malware, from one of two URLs.

Ransomware 91

Ransomware Malware Cryptocurrency Encryption 91

Security Affairs

SEPTEMBER 26, 2020

Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Advertising Hacking 144

Security Boulevard

JULY 28, 2022

The key observations are: Obfuscated Excel macros used to download and run the Emotet loader. Encrypted Emotet payload embedded in loader’s.rsrc section. Emotet infections are high risk, having led to ransomware deployments in the past ( 7 ). Macro Downloads and Executes Emotet Loader. exe with the /S parameter.

Encryption 59

Encryption Malware Phishing Cybercrime 59

Security Affairs

JULY 8, 2022

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. “A new ransomware known as Checkmate has recently been brought to our attention.

Ransomware 104

Ransomware Encryption Passwords Internet 104

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. SecurityAffairs – hacking, ransomware).

Ransomware 98

Ransomware Antivirus Encryption Backups 98

CyberSecurity Insiders

MAY 31, 2022

If you thought Windows 11 operating system machines were safe from Ransomware, then you better think twice before concluding. As information is out that those spreading Magniber Ransomware are after Windows 11 Machines and have targeted around a hundred by now. now that’s interesting….isn’t

Ransomware 112

Ransomware Telecommunications Encryption Cyber Attacks 112

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.

Antivirus 117

Antivirus Insurance Ransomware Healthcare 117

Hacker Combat

APRIL 29, 2021

One of the major instruments that facilitate such fraudulent access and use of sensitive data which is otherwise meant to be private is ransomware. It is therefore critical for one to understand the definition as well as the methodologies of how to get rid of ransomware attacks. Ransomware Infection Techniques. Definition.

Ransomware 131

Ransomware Encryption Phishing Malware 131

Malwarebytes

JUNE 9, 2022

BlackBasta, an alleged subdivision of the ransomware group Conti , just began supporting the encryption of VMware’s ESXi virtual machines (VM) installed on enterprise Linux servers. This is probably why many cybersecurity communities associate them with known ransomware actors, particularly Conti.

Ransomware 115

Ransomware Encryption Firewall Software 115

Malwarebytes

FEBRUARY 21, 2023

Ransomware authors are wading into the cybersecurity insurance debate in a somewhat peculiar way. dismantling a device piece by piece The ransomware, called HardBit 2.0, dismantling a device piece by piece The ransomware, called HardBit 2.0, What does the encryption warning message say? A helping hand?

Cyber Insurance 95

Cyber Insurance Insurance Ransomware Encryption 95

Security Affairs

MAY 27, 2020

A new piece of ransomware dubbed FuckUnicorn it targeting Italy by tricking victims into downloading a fake COVID-19 contact tracing app. The new ransomware was first spotted by the malware researcher JamesWT_MHT that shared samples with the malware community. ransomware #italy #covid19 #fuckunicorn Website [link] s//www.fofl.]it/IMMUNI.exe

Ransomware 136

Ransomware Encryption Advertising Malware 136