Webroot

OCTOBER 25, 2023

Our annual analysis of the most notorious malware has arrived. As always, it covers the trends, malware groups, and tips for how to protect yourself and your organization. Their tactics have evolved significantly over the years, with ransomware now the malware of choice for cybercriminals. Lockbit 3.0,

Malware 89

Malware Artificial Intelligence Penetration Testing Ransomware 89

CyberSecurity Insiders

APRIL 9, 2021

European Enterprises mainly involved in manufacturing are being targeted by a new strain of Ransomware dubbed as Cring and confirmed sources say that the malware is being spread by exploitation of Fortinet VPN Vulnerability.

Ransomware 140

Ransomware VPN Manufacturing Backups 140

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 143

Encryption Ransomware Backups VPN 143

Malwarebytes

AUGUST 28, 2023

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for MFA.

Ransomware 83

Ransomware VPN Passwords Backups 83

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144

Adam Levin

JANUARY 9, 2020

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . To date, the company can confirm that whilst there has been some data encryption, there is no evidence that structured personal customer data has been encrypted. “To The attack was first detected the night of December 31.

Ransomware 157

Ransomware Encryption Insurance VPN 157

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files.

Ransomware 138

Ransomware Encryption VPN Malware 138

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 111

Encryption Ransomware Backups VPN 111

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. ” continues the EUROPOL. Europol said.

VPN 80

VPN Cybercrime Ransomware Advertising 80

SecureWorld News

JANUARY 20, 2022

SecureWorld News has reported on multiple success stories when it comes to law enforcement fighting back against ransomware. VPNLab.net offered services based on OpenVPN technology and 2048-bit encryption, allowing cybercriminals to remain anonymous. Joint operation takes down VPNLab.net. What made VPNLab.net popular?

VPN 85

VPN Ransomware Cybercrime Data breaches 85

Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4.

Ransomware 107

Ransomware Cybersecurity Encryption VPN 107

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. The malware changes the extension of the encrypted files to ‘.royal’.

Healthcare 87

Healthcare Ransomware Encryption Malware 87

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

MAY 9, 2023

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. The new ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware 73

Ransomware VPN Antivirus Encryption 73

eSecurity Planet

OCTOBER 5, 2021

Malware has been around for nearly 40 years, longer even than the World Wide Web, but ransomware is a different kind of threat, capable of crippling a company and damaging or destroying its critical data. As most malware comes via email and websites, don’t overlook the importance of gateways. Ransomware removal tools.

Ransomware 139

Ransomware Backups Encryption Insurance 139

Malwarebytes

MARCH 29, 2021

In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. Source: ComputerWeekly).

VPN 77

VPN Internet Internet Manufacturing 77

Malwarebytes

OCTOBER 11, 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.

Ransomware 117

Ransomware Social Engineering Backups Engineering 117

Security Affairs

MARCH 26, 2021

Experts identified Tor hidden services and clearnet URLs via various open-source reporting that could be associated with the activity of the Hades ransomware. The ransom note left by the malware points to Tor pages that are uniquely generated for each victim. . SecurityAffairs – hacking, Hades ransomware). Pierluigi Paganini.

Ransomware 139

Ransomware Encryption Malware VPN 139

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware 106

Ransomware VPN Encryption Cybercrime 106

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 129

Ransomware VPN Advertising Government 129

SecureList

JULY 5, 2021

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims have reportedly been compromised through a popular MSP software which led to encryption of their customers. To keep your company protected against ransomware 2.0

Ransomware 136

Ransomware Encryption VPN Software 136

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Malwarebytes

MARCH 6, 2023

As part of its StopRansomware effort, the Cybersecurity and Infrastructure Security Agency (CISA) has published a Cybersecurity Advisory (CSA) about Royal ransomware. Royal ransomware is a Ransomware-as-a-service (Raas) that first made an appearance in January 2022. How to avoid ransomware Block common forms of entry.

Ransomware 79

Ransomware Backups VPN Healthcare 79

Hacker Combat

JUNE 1, 2021

Ransomware is a prevalent form of malware or malicious software used by criminals. Ransomware is a form of malware that encrypts your sensitive data, meaning you cannot access your computer or the data. This form of encryption is called crypto-ransomware. An app that encrypts and decrypts data.

Ransomware 82

Ransomware Encryption VPN Cybercrime 82

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 67

Ransomware VPN Cybercrime Accountability 67

Security Affairs

DECEMBER 6, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. SecurityAffairs – hacking, ransomware).

Ransomware 95

Ransomware VPN Encryption Authentication 95

Security Affairs

JULY 8, 2022

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. “A new ransomware known as Checkmate has recently been brought to our attention.

Ransomware 91

Ransomware Encryption Passwords Internet 91

Security Affairs

JANUARY 14, 2022

Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. and Europe. and Europe. The operation was conducted by the SBU Cyber ??Department

Ransomware 111

Ransomware DDOS Telecommunications Malware 111

Herjavec Group

SEPTEMBER 24, 2021

Ransomware is a breakout ransomware group that became operational shortly after the shutdown of the REvil Ransomware and DarkSide Ransomware operations in late Summer 2021. Furthermore, they have openly claimed that BlackMatter is the product of reproducing the “best parts” of previous ransomware operations [1].

Ransomware 109

Ransomware Manufacturing Energy and Utilities Encryption 109

Security Affairs

MARCH 17, 2020

Coronavirus -themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. In this campaign, crooks are exploiting the interest in the Coronavirus (COVID-19) outbreak to deliver a couple of malware, the CoronaVirus Ransomware and the Kpot information-stealing Trojan.

Ransomware 97

Ransomware Cryptocurrency Advertising Passwords 97

Malwarebytes

OCTOBER 26, 2022

The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) have issued a joint advisory about DAIXIN Team, a fledgling ransomware and data exfiltration group that has been targeting US healthcare. DAIXIN Team may be the latest ransomware threat, but it isn't the only threat.

Ransomware 75

Ransomware Healthcare Phishing VPN 75

Security Affairs

SEPTEMBER 9, 2020

K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services.

Ransomware 127

Ransomware Energy and Utilities VPN Advertising 127

Security Affairs

JULY 28, 2020

Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises.

Ransomware 98

Ransomware Malware Advertising VPN 98

Malwarebytes

SEPTEMBER 15, 2023

“Phishing emails containing malware, Remote Desktop Protocol (RDP) brute forcing and Virtual Private Network (VPN) vulnerability exploitation are the most common intrusion tactics used by cybercriminals. Ransomware is named as the most prominent threat with a broad reach and a significant financial impact on industry.

Cybercrime 104

Cybercrime Ransomware DDOS Backups 104

Webroot

OCTOBER 14, 2022

In other words, 2022 has been an eventful year in the threat landscape, with malware continuing to take center stage. The 6 Nastiest Malware of 2022. The ransomware double extortion tactic continues to wreak havoc, with ransomware attackers threating to both steal your data and also leak it if you don’t pay up.

Malware 62

Malware Antivirus DDOS Cyber Insurance 62

Security Affairs

AUGUST 18, 2023

The malware and infrastructure employed in the campaign are linked to the ones observed in Operation ChattyGoblin attributed by the security firm ESET to China-linked threat actors. Bronze Starlight is a nation-state group that was observed using ransomware as means for distraction or misattribution. IP-based geolocation service.

VPN 89

VPN Malware Encryption Passwords 89