Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 115

Hacking Ransomware Computers and Electronics Marketing 115

Malwarebytes

JANUARY 31, 2024

Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. The threat actors seem to have a preference for hosting their payloads on compromised WordPress sites, many of which are already hacked with malicious PHP shell scripts.

Malware 78

Malware Hacking System Administration Ransomware 78

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. Cado Security Labs recently became aware that Cerber ransomware is being deployed into Confluence servers via the CVE-2023-22518 exploit. ” states Cado Security. .

Ransomware 135

Ransomware Encryption Malware Accountability 135

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization.

Hacking 128

Hacking Ransomware Healthcare Cyber Attacks 128

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Who is Hunters International?

Ransomware 112

Ransomware Hacking Insurance Healthcare 112

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

VPN 89

VPN Ransomware Hacking Education 89

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. It was this first time that the operators adopted this tactic.

Ransomware 108

Ransomware Encryption Antivirus VPN 108

Malwarebytes

APRIL 28, 2021

One day after a ransomware group shared hacked data that allegedly belonged to the Washington, D.C. Claiming responsibility for the DC police cyberattack is the ransomware gang Babuk. Police Department online, the police force for the nation’s capital confirmed it had been breached.

Ransomware 103

Ransomware Encryption Government Malware 103

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Today, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company doesn’t pay the ransom.

Financial Services 124

Financial Services Hacking Ransomware Data breaches 124

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 113

Ransomware Backups VPN Authentication 113

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. “We’ve obtained 100 GB of data of Nissan Australia.

Ransomware 128

Ransomware Data breaches Financial Services Scams 128

Security Affairs

AUGUST 21, 2023

The BlackCat/ALPHV ransomware group claims to have hacked the Japanese maker of watches Seiko and added the company to its data leak site. “As a result, we are now reasonably certain that there was a breach and that some information stored by our Company and/or our Group companies may have been compromised.”

Hacking 86

Hacking Ransomware Data breaches Cyber Attacks 86

Heimadal Security

JANUARY 19, 2022

FIN8 is a financially motivated malicious actor who has been observed attacking financial institutions for numerous years, notably by deploying POS malware capable of stealing credit card information. The post A New Ransomware Was Linked to FIN8 Hacking Group appeared first on Heimdal Security Blog.

Hacking 115

Hacking Ransomware Healthcare Phishing 115

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. ” states the report published by the NJCCIC. 177 and 185[.]215[.]113[.]66.

Phishing 106

Phishing Ransomware Security Awareness Authentication 106

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit ransomware gang claims to have stolen 76Gb from the California Department of Finance and is threatening to leak the stolen data if the victims will not pay the ransom by December 24.

Hacking 130

Hacking Ransomware Cybersecurity Technology 130

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. The stores are co-owned by 3.5

Retail 127

Retail Ransomware Encryption Hacking 127

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) The vulnerability CVE-2020-3259 is an information disclosure issue that resides in the web services interface of ASA and FTD. in attacks in the wild. This week the U.S. Cisco addressed the flaw in May 2020.

Ransomware 131

Ransomware VPN Education Hacking 131

Security Affairs

DECEMBER 1, 2023

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. In some cases, the anti-virus solution flagged the binary as Windows malware (“Win32.Troj.Undef”).

Ransomware 129

Ransomware Encryption Malware Cybercrime 129

Security Affairs

MAY 16, 2024

Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. The company was forced to shut down its website and phone lines following a cyber attack, but it did not mention a ransomware attack. ” reads the statement published by the company. million customers.

Ransomware 67

Ransomware Data breaches Government Insurance 67

Security Affairs

MAY 5, 2024

FuckRansomware pic.twitter.com/uD09m7AukH — Jon DiMaggio (@Jon__DiMaggio) May 5, 2024 However, researchers at VX-underground have spoken with Lockbit ransomware group administrative staff regarding the return of the old domain and the gang claims law enforcement is lying. Lockbit ransomware group states law enforcement is lying.

Ransomware 123

Ransomware Cybercrime Cyber Attacks Encryption 123

CyberSecurity Insiders

MAY 4, 2023

Second is the news about a Sydney-based cancer treatment facility that became a victim of a ransomware attack. Third is the news related to the City of Dallas, where the servers of the Dallas Police Department have fallen prey to a ransomware attack, thus disrupting systems related to emergencies and other calls.

Information Security 99

Information Security Healthcare Social Engineering Ransomware 99

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Identity Theft 84

Identity Theft Ransomware Data breaches Insurance 84

Security Affairs

AUGUST 28, 2023

The Rhysida ransomware group claimed to have hacked Prospect Medical Holdings and sensitive information from the company. Now the Rhysida ransomware group has claimed responsibility for the cyberattack. The impacted patients were being contacted individually, according to the company’s website.

Hacking 87

Hacking Ransomware Cybersecurity Information Security 87

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned.

Malware 89

Malware Ransomware Cybercrime Phishing 89

Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware 143

Ransomware Hacking Computers and Electronics Malware 143

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 122

Ransomware Architecture Malware Passwords 122

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. yanluowang ransomware has posted #Cisco to its leaksite.

Ransomware 127

Ransomware Hacking VPN Phishing 127

Security Affairs

APRIL 24, 2024

The individuals launched spear-phishing and malware attacks. Iranian cyber actors persist in targeting the United States through various malicious cyber activities, including ransomware attacks on critical infrastructure and spear phishing campaigns against individuals, companies, and government entities.

Government 92

Government Phishing Social Engineering Hacking 92

Security Affairs

JUNE 5, 2021

Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. The Cyble Research team discovered that the company was the victim of the BlackCocaine Ransomware gang. The researchers reported that ransomware uses the AES and RSA encryption methods. Pierluigi Paganini.

Ransomware 123

Ransomware Malware Encryption Financial Services 123

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 88

Ransomware Backups VPN Authentication 88

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 107

Ransomware Malware Manufacturing Healthcare 107

Security Affairs

NOVEMBER 3, 2022

The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. SecurityAffairs – hacking, Lockbit). Pierluigi Paganini.

Hacking 94

Hacking Ransomware Manufacturing Technology 94

Security Affairs

MARCH 20, 2024

security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. They are then able to perform RCE and TeamCity-related processes, such as spawning a command and scripting interpreter (including PowerShell) to download additional malware or perform discovery commands.”

Malware 120

Malware Authentication Cryptocurrency Ransomware 120

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 127

Ransomware Encryption Backups Manufacturing 127

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 111

Ransomware Government Hacking Cyber Attacks 111

Hacker Combat

JULY 7, 2022

According to cybersecurity researchers, the bumblebee loader is now a darling in the ransomware ecosystem. A new malware is now an important component when it comes to engineering ransomware attacks. The malware, which goes by the name Bumblebee, was recently analyzed by Symantec researchers.

Malware 98

Malware Ransomware Phishing Engineering 98

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ransomware to evade sanctions. Pierluigi Paganini.

Hacking 130

Hacking Ransomware Cybersecurity Cybercrime 130