Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. It was this first time that the operators adopted this tactic.

Ransomware 103

Ransomware Encryption Antivirus VPN 103

Security Affairs

APRIL 25, 2024

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5%

Ransomware 102

Ransomware Retail Cyber Attacks Backups 102

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 108

Ransomware Backups VPN Authentication 108

Security Affairs

APRIL 3, 2024

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.”

Ransomware 95

Ransomware Hacking Technology Cybersecurity 95

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks.

Malware 113

Malware Ransomware Banking Healthcare 113

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the Car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company.

Hacking 126

Hacking Ransomware Data breaches Manufacturing 126

Security Boulevard

OCTOBER 25, 2021

Wouldn’t it be great if you had enough confidence in your information security program that if a criminal gang attacked you, you would be able to defend yourself, keep your business going and notify the appropriate legal authorities and any vendor partners that might be impacted? The post Can you Become Ransomware-Proof?

Ransomware 130

Ransomware Information Security Cyber Risk CISO 130

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware 127

Ransomware VPN Education Hacking 127

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. BTC (about 157,000 EURO).

Ransomware 109

Ransomware Backups Encryption Healthcare 109

Security Affairs

DECEMBER 1, 2023

The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. “Today we dove into a new ransomware sample, internally dubbed “Turtle”.

Ransomware 125

Ransomware Encryption Malware Cybercrime 125

CyberSecurity Insiders

FEBRUARY 21, 2023

All these days we have read about ransomware spreading groups stealing data and then threatening to release it online, if the victim fails to pay heed to their demands. ransomware does so during negotiations and tries to find the exact amount to be covered with the cyber insurance and then demands ransom.

Insurance 124

Insurance Ransomware Cyber Insurance Encryption 124

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 102

Ransomware Malware Healthcare Manufacturing 102

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 84

Ransomware Backups VPN Authentication 84

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 121

Ransomware Backups Healthcare Firewall 121

Security Affairs

MARCH 16, 2024

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. ” reported The Time Tribune.

Ransomware 104

Ransomware Computers and Electronics Data breaches Hacking 104

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 106

Ransomware Data breaches Passwords Government 106

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 115

Ransomware Encryption Insurance Malware 115

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. Extension: blacksuit.

Ransomware 93

Ransomware Healthcare Encryption Manufacturing 93

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 118

Ransomware Architecture Malware Passwords 118

Security Affairs

JANUARY 21, 2024

The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise. The Lockbit ransomware group added Subway to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 02, 2024 at 21:44:16 UTC.

Ransomware 128

Ransomware Hacking Data breaches Cybercrime 128

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. ransomware ??????: In 2022, Boeing recorded $66.61 In 2022, Boeing recorded $66.61

Ransomware 129

Ransomware Manufacturing InfoSec Hacking 129

Security Affairs

OCTOBER 12, 2023

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide.

Ransomware 132

Ransomware Internet Internet Hacking 132

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Winter was the least active time (14.6%

Ransomware 118

Ransomware Manufacturing Retail Insurance 118

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware 107

Ransomware Manufacturing Hacking Insurance 107

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 105

Ransomware Data collection Cyber threats Hacking 105

Heimadal Security

JUNE 24, 2022

Nowadays, the majority of chief information security officers (CISOs) are most concerned about ransomware, which has emerged as one of the biggest security threats. Ransomware threat actors have […]. Ransomware threat actors have […]. The post How to Mitigate Ransomware?

Ransomware 80

Ransomware CISO Information Security Cybersecurity 80

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 114

Ransomware Insurance Technology Encryption 114

Security Affairs

DECEMBER 30, 2023

The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. The INC RANSOM ransomware group claims responsibility for hacking the American multinational corporation Xerox Corp and threatens to disclose the alleged stolen data. Xerox Corp provides document management solutions worldwide.

Ransomware 121

Ransomware InfoSec Data breaches Hacking 121

Security Affairs

NOVEMBER 12, 2023

The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims. At the time of this writing, the Loren group has started uploading the stolen data (95%) US Healthcare organizations continue to be a privileged target of ransomware gangs.

Ransomware 123

Ransomware Healthcare Encryption Cyber Attacks 123

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. ” reads the message published by the ransomware group on its Tor leak site.

Accountability 122

Accountability Ransomware Data breaches Hacking 122

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. Tietoevry is a Finnish multinational information technology (IT) and consulting company that provides managed services and cloud hosting for the enterprise.

Ransomware 105

Ransomware VPN Government Retail 105

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. “We’ve obtained 100 GB of data of Nissan Australia.

Ransomware 123

Ransomware Data breaches Financial Services Scams 123

Security Affairs

SEPTEMBER 2, 2022

Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team recently observed an Executable and Linkable Format ( ELF ) ransomware which encrypts the files inside Linux systems based on the given folder path. Figure 1: DarkAngels ransomware README.

Ransomware 142

Ransomware Encryption Malware Hacking 142

Security Affairs

AUGUST 6, 2021

Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data. Currently, production, sales and daily operations are not affected.”

Manufacturing 121

Manufacturing Ransomware Information Security Security Defenses 121

Security Affairs

JUNE 15, 2023

The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. organizations since 2020.

Ransomware 85

Ransomware Cybersecurity Education Government 85

Security Affairs

FEBRUARY 27, 2024

New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Trend Micro confirmed that Black Basta and Bl00dy ransomware groups are actively exploiting both flaws and shared details about their attack chains.

Ransomware 113

Ransomware Malware Software Authentication 113

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 113

Ransomware Healthcare Manufacturing Education 113