Security Affairs

MARCH 17, 2020

Operators behind a new piece of ransomware dubbed Nefilim have started threatening victims to release stolen data like other cybercrime gangs. A new ransomware dubbed Nefilim appeared in the threat landscape at the end of February, it borrows its code from other malware, the Nemty ransomware. share much of the same code.”

Ransomware 137

Ransomware Encryption Cybercrime Advertising 137

Krebs on Security

JANUARY 27, 2021

Authorities across Europe on Tuesday said they’d seized control over Emotet , a prolific malware strain and cybercrime-as-service operation. “Once this unauthorised access was established, these were sold to other top-level criminal groups to deploy further illicit activities such data theft and extortion through ransomware.”

Malware 313

Malware Cybercrime Ransomware Banking 313

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 235

Hacking Cybercrime Ransomware Government 235

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware 145

Ransomware Cybercrime Advertising Software 145

Security Affairs

NOVEMBER 22, 2019

The University Hospital Center (CHU) of Rouen was hit by the malware last week, the ransomware had a severe impact on the operations during the weekend. The AFP news agency reported that a ransomware attack on a hospital in Rouen last week caused “very long delays in care.” SecurityAffairs – Rouen hospital , ransomware).

Ransomware 138

Ransomware Cybercrime Cyber Attacks Advertising 138

Security Affairs

MAY 11, 2020

ATM maker Diebold Nixdorf discloses a ransomware attack, the good news is that the infection caused only “a limited IT systems outage.”. Diebold Nixdorf, one of the major automatic teller machines (ATMs) maker suffered a ransomware attack that caused only “a limited IT systems outage.” SecurityAffairs – malware , ransomware).

Ransomware 143

Ransomware Advertising Cybercrime Malware 143

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. ” reads the message published by the ransomware operators.

Hacking 145

Hacking Ransomware Advertising Encryption 145

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware 360

Ransomware Malware Healthcare Internet 360

Security Affairs

OCTOBER 29, 2020

FBI and the DHS’s CISA agencies published a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems. Pierluigi Paganini.

Healthcare 145

Healthcare Ransomware Cybercrime Advertising 145

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. Joker’s sold cards stolen in a steady drip of breaches at U.S.

Cryptocurrency 292

Cryptocurrency Cybercrime Retail Government 292

Security Affairs

JULY 28, 2020

Security experts from Kaspersky Lab reported that North Korea-linked hackers are attempting to spread a new ransomware strain known as VHD. North Korean-linked Lazarus APT Group continues to be very active, the state-sponsored hackers are actively employing new ransomware, tracked as VHD, in attacks aimed at enterprises.

Ransomware 138

Ransomware Malware Advertising VPN 138

Security Affairs

DECEMBER 2, 2019

Experts discovered a new malware dubbed Clop ransomware that attempts to remove Malwarebytes and other security products. Security researcher Vitali Kremez discovered a new malware dubbed Clop ransomware that targets Windows systems and attempts to disable security products running on the infected systems. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Advertising Malware 144

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. KPOT source code up for sale! Pierluigi Paganini.

Ransomware 145

Ransomware Malware Advertising Cybercrime 145

Security Affairs

FEBRUARY 29, 2020

Not only Maze ransomware gang, the operators behind Sodinokibi Ransomware allegedly leaked the data of Kenneth Cole Productions. The operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions. Kenneth Cole Productions, Inc.

Ransomware 142

Ransomware Advertising Cybercrime Marketing 142

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. SecurityAffairs – Dharma ransomware, malware).

Ransomware 143

Ransomware Hacking Advertising Malware 143

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. Pierluigi Paganini.

Ransomware 141

Ransomware Advertising Retail Malware 141

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” continues the report.

Ransomware 144

Ransomware Cybercrime Social Engineering Banking 144

Security Affairs

MARCH 17, 2020

Most of the ransomware attacks targeting the enterprises occur outside working hours, during the nighttime or during the weekend. Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours.

Ransomware 143

Ransomware Advertising Malware Cybercrime 143

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye.

Ransomware 139

Ransomware Malware Telecommunications Advertising 139

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare 323

Healthcare Backups Ransomware Insurance 323

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 145

Ransomware Advertising Malware Hacking 145

Security Affairs

SEPTEMBER 2, 2024

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The Cicada3301 ransomware is written in Rust and targets both Windows and Linux/ESXi hosts.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

Security Affairs

APRIL 27, 2020

The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware , the operators behind the threat have shut down their operations and released over 750,000 decryption keys. SecurityAffairs – Shade Ransomware, hacking).

Ransomware 145

Ransomware Advertising Antivirus Education 145

Security Affairs

DECEMBER 8, 2024

Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 101

Artificial Intelligence Spyware Hacking Ransomware 101

Security Affairs

MAY 27, 2020

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

Ransomware 136

Ransomware Security Intelligence Encryption Advertising 136

Security Affairs

MARCH 9, 2020

Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous Sodinokibi Ransomware are threatening to publicly release the “dirty” financial secrets of a company that refused to pay the ransom.

Ransomware 141

Ransomware Advertising Cybercrime Hacking 141

Security Affairs

OCTOBER 26, 2020

A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. ” reported the Gainesville Times.

Ransomware 145

Ransomware Advertising Media Government 145

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. pysa file extension that gives the name to this piece ransomware.

Government 141

Government Ransomware Encryption Penetration Testing 141

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. A copy of the passport for Denis Emelyantsev, a.k.a. But that action did not name any defendants.

Cybercrime 276

Cybercrime Advertising IoT Malware 276

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 301

Malware Cybercrime Software Accountability 301

Security Affairs

OCTOBER 20, 2020

The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 143

Ransomware Cyber Attacks Advertising Retail 143

Security Affairs

APRIL 2, 2020

Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that targeted organizations in various industries. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 140

Ransomware VPN Healthcare Cyber Attacks 140

Security Affairs

APRIL 13, 2020

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies. Pierluigi Paganini.

Ransomware 143

Ransomware Cryptocurrency Advertising Hacking 143

Security Affairs

SEPTEMBER 7, 2020

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. ” reported ZDNet.

Banking 144

Banking Ransomware Advertising VPN 144

Security Affairs

MARCH 3, 2020

The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019, the name of the malware comes after the extension it adds to the encrypted file names. Pierluigi Paganini.

Ransomware 138

Ransomware Advertising Encryption Malware 138

Security Affairs

OCTOBER 20, 2018

The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. But at least that way we can help them now.”

Ransomware 111

Ransomware Cybercrime Identity Theft Advertising 111

Security Affairs

AUGUST 21, 2020

The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The university did not reveal the ransomware family involved in the attack. ” According to the University, the ransomware encrypted only 0.02% of the data stored on its servers.

Ransomware 145

Ransomware Cyber Insurance Insurance Advertising 145