Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site. ” reads the alert.

Hacking 111

Hacking Ransomware Computers and Electronics Marketing 111

Security Boulevard

FEBRUARY 28, 2023

Marshals Service (USMS) has been hacked (again). The post US Marshals Ransomware Hack is ‘Major Incident’ appeared first on Security Boulevard. Scrotes stole sensitive stuff (supposedly).

Hacking 130

Hacking Ransomware Social Engineering Cyber Attacks 130

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. It was this first time that the operators adopted this tactic.

Ransomware 91

Ransomware Encryption Antivirus VPN 91

The Hacker News

FEBRUARY 23, 2022

Similarities have been unearthed between the Dridex general-purpose malware and a little-known ransomware strain called Entropy, suggesting that the operators are continuing to rebrand their extortion operations under a different name.

Malware 102

Malware Ransomware Hacking Software 102

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Today, the Medusa ransomware gang claimed responsibility for the attack and threatened to leak the purportedly stolen data if the company doesn’t pay the ransom.

Financial Services 120

Financial Services Hacking Ransomware Data breaches 120

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 109

Ransomware Backups VPN Authentication 109

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware 137

Ransomware Hacking Malware Encryption 137

Security Affairs

SEPTEMBER 30, 2023

The ALPHV/BlackCat ransomware gang added the hotel chain Motel One to the list of victims on its Tor leak site. The ALPHV/BlackCat ransomware gang added Motel One to the list of victims on its Tor leak site. ” The ransomware group threatens to leak the stolen data if the company does not pay the ransom within five days.

Hacking 112

Hacking Ransomware Manufacturing Media 112

Security Affairs

SEPTEMBER 10, 2023

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization.

Hacking 125

Hacking Ransomware Healthcare Cyber Attacks 125

CyberSecurity Insiders

OCTOBER 19, 2021

REvil ransomware group having history of launching sophisticated cyber attacks on Kaseya software; JBS Meat and Travelex this year are experiencing strange events these days. The gang’s payment portal and data leak blog have been hacked by some other group throwing the developers into jeopardy.

Hacking 104

Hacking Ransomware Cyber Attacks Encryption 104

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

VPN 89

VPN Ransomware Hacking Education 89

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit ransomware gang claims to have stolen 76Gb from the California Department of Finance and is threatening to leak the stolen data if the victims will not pay the ransom by December 24.

Hacking 126

Hacking Ransomware Cybersecurity Technology 126

Security Affairs

DECEMBER 16, 2023

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Who is Hunters International?

Ransomware 108

Ransomware Hacking Insurance Healthcare 108

Security Affairs

DECEMBER 1, 2023

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. In some cases, the anti-virus solution flagged the binary as Windows malware (“Win32.Troj.Undef”).

Ransomware 125

Ransomware Encryption Malware Cybercrime 125

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community.

Malware 131

Malware Ransomware Cybercrime Hacking 131

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 103

Ransomware Malware Healthcare Manufacturing 103

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 85

Ransomware Backups VPN Authentication 85

Security Affairs

JANUARY 1, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories. The stores are co-owned by 3.5

Retail 123

Retail Ransomware Encryption Hacking 123

Security Affairs

MARCH 20, 2024

security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. They are then able to perform RCE and TeamCity-related processes, such as spawning a command and scripting interpreter (including PowerShell) to download additional malware or perform discovery commands.”

Malware 116

Malware Authentication Cryptocurrency Ransomware 116

Security Affairs

AUGUST 21, 2023

The BlackCat/ALPHV ransomware group claims to have hacked the Japanese maker of watches Seiko and added the company to its data leak site. Now the BlackCat/ALPHV ransomware gang has added Seiko to the list of victims published on its data leak site.

Hacking 86

Hacking Ransomware Data breaches Cyber Attacks 86

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned.

Malware 89

Malware Ransomware Cybercrime Phishing 89

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 123

Ransomware Encryption Backups Manufacturing 123

Security Affairs

AUGUST 28, 2023

The Rhysida ransomware group claimed to have hacked Prospect Medical Holdings and sensitive information from the company. Now the Rhysida ransomware group has claimed responsibility for the cyberattack. The impacted patients were being contacted individually, according to the company’s website.

Hacking 87

Hacking Ransomware Cybersecurity Information Security 87

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) The issue was listed by CISA as known to be used in ransomware campaigns, but the agency did not reveal which ransomware groups are actively exploiting the issue. in attacks in the wild. This week the U.S.

Ransomware 127

Ransomware VPN Education Hacking 127

CyberSecurity Insiders

JULY 8, 2021

Trickbot banking malware is back in news for inducing a new ransomware variant into the wild. Researchers from Fortinet’s FortiGuard Labs has have found that the new malware strain is acting similar to that of Conti Ransomware with a change that it Asymmetric encryption algorithms unlike other file encrypting malware variants.

Malware 110

Malware Ransomware Healthcare Encryption 110

Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware 141

Ransomware Hacking Computers and Electronics Malware 141

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. yanluowang ransomware has posted #Cisco to its leaksite.

Ransomware 123

Ransomware Hacking VPN Phishing 123

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. ransomware to evade sanctions. Pierluigi Paganini.

Hacking 130

Hacking Ransomware Cybersecurity Cybercrime 130

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation.

Ransomware 122

Ransomware Hacking Encryption Malware 122

Heimadal Security

JANUARY 19, 2022

FIN8 is a financially motivated malicious actor who has been observed attacking financial institutions for numerous years, notably by deploying POS malware capable of stealing credit card information. The post A New Ransomware Was Linked to FIN8 Hacking Group appeared first on Heimdal Security Blog.

Hacking 112

Hacking Ransomware Healthcare Phishing 112

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 118

Ransomware Architecture Malware Passwords 118

Security Affairs

NOVEMBER 11, 2020

?Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems.

Advertising 123

Advertising Hacking Ransomware Accountability 123

Security Affairs

JUNE 5, 2021

Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. The Cyble Research team discovered that the company was the victim of the BlackCocaine Ransomware gang. The researchers reported that ransomware uses the AES and RSA encryption methods. Pierluigi Paganini.

Ransomware 123

Ransomware Malware Encryption Financial Services 123

Security Affairs

JANUARY 16, 2023

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. ” reads the post published by Avast. anabolic.exe.

Ransomware 92

Ransomware Malware Antivirus Encryption 92

Security Affairs

DECEMBER 4, 2023

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198).

Ransomware 103

Ransomware Malware Banking Hacking 103

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data.

Ransomware 108

Ransomware Manufacturing Hacking Insurance 108

Heimadal Security

DECEMBER 5, 2022

This type of malware usually pretends to ask for a ransom, but in this case, the trojan is designed to be destructive by wiping data from files stored on victims’ computers. At first glance, the malware, dubbed CryWiper, […].

Hacking 85

Hacking Ransomware Malware Cybersecurity 85