CyberSecurity Insiders

AUGUST 27, 2021

Ragnarok Ransomware that was active since 2019 has made it official that it is going to shut its operations by this month’s end. The file encrypting malware group has also released a decryption key for zero cost to help victims clean up their databases.

Ransomware 103

Ransomware Healthcare Encryption Surveillance 103

Malwarebytes

APRIL 28, 2021

One day after a ransomware group shared hacked data that allegedly belonged to the Washington, D.C. Claiming responsibility for the DC police cyberattack is the ransomware gang Babuk. Police Department online, the police force for the nation’s capital confirmed it had been breached.

Ransomware 105

Ransomware Encryption Government Malware 105

Krebs on Security

DECEMBER 19, 2023

Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. BlackCat formed by recruiting operators from several competing or disbanded ransomware organizations — including REvil , BlackMatter and DarkSide.

Ransomware 265

Ransomware Cybercrime Advertising Encryption 265

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines.

Encryption 96

Encryption Ransomware Malware Healthcare 96

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. Cado Security Labs recently became aware that Cerber ransomware is being deployed into Confluence servers via the CVE-2023-22518 exploit. ” states Cado Security. ” continues the report.

Ransomware 131

Ransomware Encryption Malware Accountability 131

Security Affairs

FEBRUARY 12, 2024

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware.

Ransomware 113

Ransomware Encryption VPN Manufacturing 113

Security Affairs

APRIL 4, 2023

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. The experts pointed out that the Rorschach ransomware appears to be unique. The experts pointed out that the Rorschach ransomware appears to be unique. ” continues the analysis.

Encryption 89

Encryption Ransomware Malware Backups 89

Hacker Combat

MAY 10, 2022

The goal is to interrupt the victim’s business operations or steal important information. To breach a company, ransomware attackers utilize a variety of methods. According to the researcher, DLL hijacking flaws affect these and potentially other ransomware families. Phishing emails are one way to do it.

Encryption 112

Encryption Ransomware Malware Cyber Attacks 112

Security Affairs

AUGUST 31, 2021

Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

Encryption 104

Encryption Ransomware Financial Services Antivirus 104

eSecurity Planet

OCTOBER 13, 2021

Sophos cybersecurity researchers have discovered a Python-based ransomware operation that escalated from a compromised corporate network to encrypted virtual machines in just three hours. These instructions are used to list all VMs and shut them down, necessary for starting the encryption. Faster Encryption Means Higher Risk.

Encryption 114

Encryption Ransomware Penetration Testing Password Management 114

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 88

Encryption Ransomware VPN Malware 88

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 144

Encryption Ransomware Backups VPN 144

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 111

Encryption Passwords IoT Firewall 111

CyberSecurity Insiders

APRIL 18, 2022

Ireland Health Service (HSE) was cyber-attacked by CONTI Ransomware group in mid last year and news is now out that 80% of the data been stored on the servers of the healthcare services provider was encrypted by the said a gang of criminals. And the result on whether the information truly belonged to HSE is awaited! .

Encryption 111

Encryption Ransomware Healthcare Threat Detection 111

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 122

Ransomware Encryption Backups Manufacturing 122

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. This generated RC4 key is used to encrypt the mappedAddress and write it back to the file.”

Encryption 86

Encryption Ransomware Cybercrime Engineering 86

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. “Akira threat actors utilize a sophisticated hybrid encryption scheme to lock data.

Ransomware 102

Ransomware Encryption Antivirus VPN 102

Dark Reading

JUNE 22, 2023

The announcement was posted on Twitter via the Rewards for Justice Twitter account, alongside encrypted messaging system options for anyone to get into contact should they have viable information.

Encryption 89

Encryption Ransomware Accountability 89

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. Like other ransomware operations, LockBit 2.0

Encryption 144

Encryption Ransomware Malware Hacking 144

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 113

Encryption Ransomware Cybercrime Malware 113

Graham Cluley

APRIL 11, 2024

The East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some computers and servers encrypted and may have also seen sensitive information stolen. Read more in my article on the Hot for Security blog.

Ransomware 88

Ransomware Encryption Malware 88

Security Affairs

OCTOBER 5, 2021

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware attack when discovered that the attackers employed a Python script to encrypt virtual machines hosted on VMware ESXi servers.

Encryption 135

Encryption Ransomware Passwords Accountability 135

Malwarebytes

APRIL 4, 2023

Fake it till you make it ransomware groups are trying to get rich off the backs of genuine ransomware authors. Because they don’t actually create ransomware or compromise networks in any way. The battle plan of a fake ransomware group The general approach is as follows: Claim to be a different, genuine ransomware group.

Encryption 90

Encryption Ransomware Backups Scams 90

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. BTC (about 157,000 EURO).

Ransomware 109

Ransomware Backups Encryption Healthcare 109

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. ESETresearch has identified Linux and FreeBSD variants of the #Hive #Ransomware.

Encryption 105

Encryption Ransomware Spyware Malware 105

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 110

Ransomware Encryption Backups Malware 110

eSecurity Planet

AUGUST 4, 2022

It’s been a couple of decades since data tapes delivered by trucks made encryption a standard enterprise cybersecurity practice. Yet even as technology has changed, sending and receiving data remains a major vulnerability, ensuring encryption’s place as a foundational security practice. What is Encryption?

Encryption 131

Encryption Software Computers and Electronics Technology 131

Security Affairs

MAY 5, 2024

FuckRansomware pic.twitter.com/uD09m7AukH — Jon DiMaggio (@Jon__DiMaggio) May 5, 2024 However, researchers at VX-underground have spoken with Lockbit ransomware group administrative staff regarding the return of the old domain and the gang claims law enforcement is lying. Lockbit ransomware group states law enforcement is lying.

Ransomware 124

Ransomware Cybercrime Cyber Attacks Encryption 124

Webroot

SEPTEMBER 7, 2023

When it comes to keeping sensitive data safe, email encryption is a necessity. Too many employees and IT experts have experienced the pain of trying to use a needlessly complicated email encryption solution. If this is the experience you’ve come to expect, Webroot Email Encryption powered by Zix is here to surprise you.

Encryption 104

Encryption Passwords Insurance Healthcare 104

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 119

Encryption Ransomware Backups VPN 119

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 114

Ransomware Encryption Insurance Malware 114

Malwarebytes

NOVEMBER 30, 2023

This morning I decided to write some ransomware, and I asked ChatGPT to help. I wanted to know if its safeguards would stop me from using it to write ransomware, and, if they didn’t, whether the ransomware it produced was any good. to build up a basic ransomware step-by-step. Ransomware written by ChatGPT 4.0

Ransomware 126

Ransomware Encryption Cybercrime Malware 126

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. The stores are co-owned by 3.5

Retail 122

Retail Ransomware Encryption Hacking 122

SecureList

APRIL 15, 2024

They generated a custom version of the ransomware, which used the aforementioned account credential to spread across the network and perform malicious activities, such as killing Windows Defender and erasing Windows Event Logs in order to encrypt the data and cover its tracks. In this article, we revisit the LockBit 3.0

Ransomware 96

Ransomware Encryption Passwords Accountability 96

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gang are jointly conducting a ransomware campaign targeting various organizations in multiple countries, Cisco Talos reported. The GhostLocker 2.0 GhostLocker 2.0 GhostLocker 2.0

Ransomware 114

Ransomware Encryption Cybercrime Hacking 114

Hot for Security

JUNE 2, 2021

In the early days of ransomware things were fairly simple: malware would infect your company’s infrastructure, encrypting your valuable data with a secret key that was only known to your attackers. If you had shown the foresight of making secure backups in advance, you could get back up and running again.

Encryption 138

Encryption Ransomware Backups Hacking 138

Heimadal Security

MAY 9, 2022

Conti ransomware is an extremely damaging malicious actor due to the speed with which encrypts data and spreads to other systems. The post Information Leading to the Arrest of Conti Ransomware Co-Conspirators to be Rewarded appeared first on Heimdal Security Blog.

Ransomware 81

Ransomware Encryption Phishing Cybersecurity 81