Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware 105

Ransomware VPN Government Retail 105

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN 115

VPN Cybercrime Advertising Accountability 115

Security Affairs

NOVEMBER 8, 2023

Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 111

Ransomware Healthcare VPN Insurance 111

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. ” continues the EUROPOL. Europol said.

VPN 80

VPN Cybercrime Ransomware Advertising 80

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. SecurityAffairs – hacking, ransomware).

VPN 122

VPN Internet Internet Software 122

Security Affairs

AUGUST 10, 2022

Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. Cisco disclosed a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data. SecurityAffairs – hacking, Yanluowang ransomware).

Ransomware 124

Ransomware Hacking VPN Phishing 124

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 105

VPN Cybercrime Ransomware Hacking 105

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. Then the malware contacts the C2 and sends system information (i.e.

Software 116

Software Malware Cybercrime VPN 116

Security Affairs

NOVEMBER 14, 2022

Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer Emergency Response Team of Ukraine CERT-UA is investigating multiple attacks against organizations in Ukraine that involved a new piece of ransomware called Somnia. Pierluigi Paganini.

Ransomware 79

Ransomware Computers and Electronics VPN Malware 79

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files.

Ransomware 138

Ransomware Encryption VPN Malware 138

Security Affairs

DECEMBER 10, 2022

The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. The malware changes the extension of the encrypted files to ‘.royal’.

Healthcare 87

Healthcare Ransomware Encryption Malware 87

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. SecurityAffairs – hacking, malware).

Ransomware 135

Ransomware Malware Advertising Cybercrime 135

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 113

Ransomware Healthcare Manufacturing Education 113

Security Affairs

MAY 9, 2023

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. The new ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware 73

Ransomware VPN Antivirus Encryption 73

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 111

Ransomware Cryptocurrency Cybercrime VPN 111

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Pierluigi Paganini.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Security Affairs

APRIL 25, 2022

At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. Federal Bureau of Investigation (FBI) published a flash report that states that at least 60 entities worldwide have been breached by BlackCat ransomware (aka ALPHV and Noberus) since it started its operations in November.

Ransomware 103

Ransomware Antivirus Passwords Malware 103

Security Affairs

NOVEMBER 28, 2023

The ransomware gang claims the theft of board meeting minutes, internal project documentation, personnel details, audit reports, and more. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers.

Hacking 117

Hacking VPN Ransomware Cybercrime 117

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. ” reads the security advisory published by the vendor. . Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 111

Ransomware Cryptocurrency Malware Internet 111

Security Affairs

JUNE 21, 2021

The Taiwanese memory and storage chip maker ADATA was hit by the Ragnar Locker ransomware gang that also published more than 700GB of stolen data. The Ragnar Locker ransomware gang has published on its leak sites more than 700GB of data stolen from Taiwanese memory and storage chip maker ADATA. Consider installing and using a VPN.

Ransomware 137

Ransomware Passwords VPN Authentication 137

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 95

Data breaches Phishing Ransomware Malware 95

Security Affairs

MAY 12, 2023

Swiss electrification and automation technology giant ABB suffered a Black Basta ransomware attack that impacted its business operations. Swiss multinational company ABB, a leading electrification and automation technology provider, it the last victim of the notorious Black Basta ransomware group. billion in revenue for 2022.

Ransomware 85

Ransomware VPN Hacking Technology 85

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

JANUARY 26, 2023

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. cybersecurity and intelligence authorities.

Ransomware 90

Ransomware VPN Healthcare Manufacturing 90

Security Affairs

MARCH 26, 2021

Experts identified Tor hidden services and clearnet URLs via various open-source reporting that could be associated with the activity of the Hades ransomware. The ransom note left by the malware points to Tor pages that are uniquely generated for each victim. . SecurityAffairs – hacking, Hades ransomware). Pierluigi Paganini.

Ransomware 139

Ransomware Encryption Malware VPN 139

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware 105

Ransomware VPN Healthcare Cyber Attacks 105

Security Affairs

MAY 28, 2023

Swiss electrification and automation technology giant ABB confirmed it has suffered a data breach after a ransomware attack. BleepingComputer reported that the attack was carried out by the Black Basta ransomware group , some of the projects were delayed and the attack impacted some of the company factories.

Data breaches 86

Data breaches Ransomware VPN Hacking 86

Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4.

Ransomware 107

Ransomware Cybersecurity Encryption VPN 107

Security Affairs

MAY 17, 2022

Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. Justice Department accused Moises Luis Zagala Gonzalez, a 55-year-old cardiologist from Venezuela, of operating and selling the Thanos ransomware. Thanos ransomware (a.k.a.

Ransomware 86

Ransomware Cybercrime VPN Malware 86

Security Affairs

JANUARY 14, 2022

Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. The gang was distributing the LockerGoga and MegaCortex ransomware families. and Europe.

Ransomware 111

Ransomware DDOS Telecommunications Malware 111

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn.

Encryption 113

Encryption Ransomware Cybercrime Malware 113

Security Affairs

OCTOBER 22, 2022

Healthcare and Public Health sector with ransomware. businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware operations. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 67

Ransomware VPN Cybercrime Accountability 67

Security Affairs

JULY 20, 2020

Another telco company was hit by a ransomware, roughly 18,000 computers belonging to Telecom Argentina were infected over the weekend. Telecom Argentina , one of the largest internet service providers in Argentina, was hit by a ransomware attack. SecurityAffairs – hacking, REVil ransomware). million ransom. Pierluigi Paganini.

Ransomware 121

Ransomware VPN Advertising Internet 121

Security Affairs

DECEMBER 6, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. SecurityAffairs – hacking, ransomware).

Ransomware 95

Ransomware VPN Encryption Authentication 95

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 95

Artificial Intelligence VPN Hacking Firewall 95

Security Affairs

SEPTEMBER 12, 2022

Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems. In August, Cisco disclosed a security breach, the Yanluowang ransomware gang breached its corporate network in late May and stole internal data. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 98

Ransomware VPN Authentication Phishing 98