Malwarebytes

MARCH 1, 2022

On February 27, an individual with insights into the Conti ransomware group started leaking a treasure trove of data beginning with internal chat messages. The tweets include screenshots, raw data files and even the ransomware source code. File name Hash Description 1.tgz File name Hash Description 1.tgz

Ransomware 89

Ransomware Healthcare Cyber threats Encryption 89

Security Affairs

MAY 13, 2023

The CheckMate ransomware operators have been targeting the Server Message Block (SMB) communication protocol used for file sharing to compromise their victims’ networks. To the best of our knowledge, it doesn’t operate a data leak site. They do this to raise the pressure for a victim to pay the ransom.

Ransomware 93

Ransomware Encryption Passwords Internet 93

SecureList

JANUARY 18, 2023

The media routinely report incidents and leaks of data that end up publicly accessible on the dark web. More personal data leaks; corporate email at risk. The trend for personal data leaks grew rapidly in 2022 and will continue into 2023. The leaks affected various organizations and amounts of data.

Media 100

Media Social Engineering Ransomware Hacking 100

Security Affairs

DECEMBER 4, 2021

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. ” states the alert.

Ransomware 139

Ransomware Hacking Malware Encryption 139

Security Affairs

MAY 25, 2021

The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose Corporation has announced it was the victim of a ransomware attack that took place earlier this year, on March 7. Bose first detected the malware/ransomware on Bose’s U.S.

Ransomware 120

Ransomware Malware Cyber Attacks Backups 120

Security Boulevard

JUNE 8, 2022

Ransomware Trends Show Lockbit Most Active, New Tactics, Healthcare Hit Hard. LockBit replaced Conti as the most active ransomware gang and continued to evolve its operations in the first quarter, according to a report (PDF) from KELA Cybercrime Intelligence. LockBit disclosed 226 victims in the first quarter. brooke.crothers.

Healthcare 52

Healthcare Ransomware Encryption Cybercrime 52

Security Affairs

JUNE 1, 2023

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. The cybersecurity researcher Dominic Alvieri first noticed that the BlackCat ransomware gang added the company Casepoint to the list of victims on its Tor Dark Web site.

Technology 84

Technology Hacking Ransomware Manufacturing 84

Malwarebytes

MAY 12, 2021

Late last week, the business network systems of Colonial Pipeline , the biggest supplier of fuels on the East Coast of the United States, were compromised due to a ransomware attack , forcing the company to temporarily shut down its operations while investigations are underway. Threat profile: DarkSide ransomware. and DarkSide v2.1.

Ransomware 126

Ransomware Encryption Government Antivirus 126

Security Affairs

SEPTEMBER 22, 2021

CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. and international organizations.

Ransomware 99

Ransomware Cybercrime Authentication Healthcare 99

CyberSecurity Insiders

JUNE 11, 2021

First, a gaming company named Electronic Arts is trending on Google news headlines for becoming a victim of a cyberattack that leaked source codes and tools belonging to several of its popular games such as FIFA 21, Battlefield, Frostbite Engine, and Battle Tanks.

Cyber Attacks 132

Cyber Attacks Identity Theft Ransomware Engineering 132

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn.

Encryption 118

Encryption Ransomware Cybercrime Malware 118

Security Affairs

OCTOBER 24, 2021

Experts from cybersecurity firm Emsisoft announced the availability of a free decryptor for past victims of the BlackMatter ransomware. Cybersecurity firm Emsisoft has released a free decryption tool for past victims of the BlackMatter ransomware. “ reads the announcement published by Emsisoft.

Ransomware 99

Ransomware Encryption Backups Healthcare 99

SecureList

NOVEMBER 23, 2021

Then we will go through the key events of 2021 relating to attacks on financial organizations. Analysis of forecasts for 2021. In addition, bitcoin ended 2020 at around $28,000 and quickly rose to a peak of $40,000 in January 2021. In April 2021, the Andariel group attempted to spread custom Ransomware.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

SecureList

NOVEMBER 1, 2022

On July 7, CISA issued an alert, “ North Korean State-Sponsored Cyber Actors Use Maui Ransomware To Target the Healthcare and Public Health Sector “, based on a Stairwell report about Maui ransomware. The backdoor has been used in a variety of attacks, including ransomware attacks and espionage campaigns.

Malware 139

Malware Ransomware Spyware Encryption 139

Herjavec Group

SEPTEMBER 24, 2021

Ransomware is a breakout ransomware group that became operational shortly after the shutdown of the REvil Ransomware and DarkSide Ransomware operations in late Summer 2021. Furthermore, they have openly claimed that BlackMatter is the product of reproducing the “best parts” of previous ransomware operations [1].

Ransomware 109

Ransomware Manufacturing Energy and Utilities Encryption 109

Security Affairs

OCTOBER 9, 2022

Crooks left a ransom note, threatening to leak the data and inform authorities of the EU’s General Data Protection Regulation (GDPR) violations. Three days later, Cybernews researchers revisited the database to see whether it had been closed, and found it had been hit with ransomware. Dangerous leak. The ransomware.

Ransomware 98

Ransomware Passwords Encryption Identity Theft 98

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June, 2020.

Ransomware 97

Ransomware Encryption Malware Cybercrime 97

SecureWorld News

OCTOBER 28, 2021

A Russian ransomware group known as Grief claims it is gunning for the National Rifle Association (NRA). sanctioned group Evil Corp, has been leaking NRA files on the Dark Web, claiming to have breached the association's systems. Grief ransomware gang posts to Dark Web about NRA hack. October 27, 2021. October 27, 2021.

Ransomware 85

Ransomware Cybercrime Hacking Government 85

SecureList

DECEMBER 5, 2022

This is an old saying, found in various languages, and it can be applied to ransomware developers. In previous blog posts, we highlighted an increase in the popularity of platform-independent languages and ESXi support , and recently , we wrote about ransomware borrowing these propagation methods. Some ransomware statistics.

Ransomware 92

Ransomware Malware Technology Cybercrime 92

SecureWorld News

SEPTEMBER 21, 2021

Just two weeks ago, SecureWorld’s Drew Todd reported on 5 Ransomware Attacks Targeting Food and Agriculture. A Russia-based ransomware gang by the name of BlackMatter hit Iowa grain co-op New Cooperative, Inc. They [Ransomware gangs] have got you boxed into a corner. How do you fight against ransomware attacks?

Ransomware 83

Ransomware Cryptocurrency Cybercrime Risk 83

Security Affairs

JUNE 1, 2021

“Prometheus” and “Grief” – a multi-billion dollar ransomware market obtained two new emerging players. Prometheus is a new emerging ransomware group extorting enterprises in various verticals across the globe. Thanos ransomware (a.k.a.

Government 83

Government Ransomware Cyber threats Manufacturing 83

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software used to manage and monitor customers’ infrastructure. At the time of writing, the number of companies affected by this ransomware supply-chain attack is still unclear.

Ransomware 52

Ransomware Encryption Cryptocurrency System Administration 52

Malwarebytes

MARCH 14, 2023

External attackers could send specially crafted emails to cause a connection from the victim to an external UNC location of attackers' control. This would leak the Net-NTLMv2 hash of the victim to the attacker who could then relay this to another service and authenticate as the victim. Get a free trial below.

Authentication 98

Authentication Internet Internet Ransomware 98

SecureWorld News

OCTOBER 4, 2021

BEC attacks continue, with less fanfare than ransomware. This type of cybercrime continues to fleece organizations even though it lacks the sexy headlines of a ransomware attack. The redheaded stepchild behind ransomware, which doesn't get talked about as much is BEC, or business email compromise.

Insurance 75

Insurance Ransomware Social Engineering Cybercrime 75

SecureList

DECEMBER 1, 2023

The incident occurred in the third and fourth week of March, as part of a small wave of attacks involving both DroxiDat and Cobalt Strike beacons around the world; and we believe this incident may have been the initial stage of a ransomware attack. Most have been located in the US, with some victims in Canada, Europe, Asia and Australia.

Malware 90

Malware Ransomware Encryption Energy and Utilities 90

SecureWorld News

OCTOBER 19, 2021

Ransomware burnout might be creeping in for many cybersecurity professionals, but cybercrime organizations do not show any signs of slowing down, according to a new report. Treasury Department released its Financial Trend Analysis report on Friday, providing the lay of the land when it comes to ransomware in the first two quarters of 2021.

Ransomware 87

Ransomware Cryptocurrency Cybercrime Cybersecurity 87

eSecurity Planet

OCTOBER 20, 2021

Recent news headlines have shown how vulnerable even large companies with many resources at their disposal are to ransomware. One vendor says application security may be the key to stopping ransomware. Preventing Ransomware with Application Security. How Ransomware Accesses a Network.

Ransomware 102

Ransomware Software Network Security Authentication 102

SecureList

DECEMBER 14, 2022

This indicated unusually high activity by the Turla group, which signaled a never-before-seen mobilization of the group’s resources. On the very first day of the conflict (February 24, 2022), a massive wave of indiscriminate pseudo-ransomware and wiper attacks hit Ukrainian entities. Key insights.

DDOS 131

DDOS Ransomware Government Energy and Utilities 131

SecureWorld News

SEPTEMBER 14, 2021

This is also true for victims of cybercrimes, too. How can you protect children against a malignant data leak after it has already happened? With the rise in ransomware attacks on government and healthcare organizations, as well as schools, this will continue to be a significant challenge. What happens when a school is attacked?

Cyber Insurance 87

Cyber Insurance Ransomware Insurance Backups 87

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 Ransomware. Ransomware is the fastest-growing trend.

Backups 145

Backups Ransomware Firewall Malware 145

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Apart from cryptocurrency theft they extort digital money or illicitly mine it using victim’s devices instead of their own. The data from 2022 is compared to data from 2021 to assess year-on-year development trends in cryptojacking.

Cryptocurrency 106

Cryptocurrency Malware Software Ransomware 106

Malwarebytes

DECEMBER 13, 2022

Once this is done they can sell the access to another threat actor, like a ransomware group. The Silence Group seems to have a strong relation with the group behind Clop ransomware, often referenced as TA505. Active Directory trust relations allow organizations to share users and resources across domains. Mitigation.

Ransomware 87

Ransomware Encryption Malware Internet 87

SecureWorld News

JUNE 8, 2021

After all, the conventional wisdom is that ransomware gangs demand cryptocurrency so they can move the funds anonymously and with impunity. Government track pipeline ransomware payment? Colonial Pipeline's CEO made the decision to pay the ransom just hours after learning of the May 7, 2021, attack against the company.

Ransomware 108

Ransomware Passwords VPN Accountability 108

CyberSecurity Insiders

JANUARY 31, 2021

An increase in ransomware attacks is not news to us anymore. Back in 2019, a McAfee report confirmed that across all sectors, ransomware incidents increased by 118% during the first quarter of 2019. We believe ransomware attacks will only increase as schools go to distance learning and working-from-home becomes the norm.

Ransomware 40

Ransomware Backups Encryption Healthcare 40

Jane Frankland

OCTOBER 1, 2021

” His statement couldn’t be truer and as I chaired the European Security Forum 2021 in London this week, I was amazed at how the theme of unlearning what we know glued together (figuratively speaking) all the other speakers’ presentations. But we’ve seen higher in the legal sector when it comes to ransomware attacks.

Cybersecurity 100

Cybersecurity Ransomware Identity Theft Technology 100

SecureList

OCTOBER 20, 2021

While this report is primarily focused on cybercriminals that operate on Russian territory, cybercriminals rarely restrict themselves to national borders — with ransomware gangs being a prime example of such cross-border activity. We investigated 200 cases for clients in Russia in 2020, and already over 300 in the first nine months of 2021.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

SecureWorld News

JUNE 8, 2021

After all, the conventional wisdom is that ransomware gangs demand cryptocurrency so they can move the funds anonymously and with impunity. government track pipeline ransomware payment? Colonial Pipeline's CEO made the decision to pay the ransom just hours after learning of the May 7, 2021, cyberattack against the company.

Ransomware 52

Ransomware Passwords VPN Accountability 52