Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Krebs on Security

DECEMBER 10, 2020

Payment card processing giant TSYS suffered a ransomware attack earlier this month. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business. In 2019, TSYS was acquired by financial services firm Global Payments Inc. NYSE:GPN ].

Ransomware 359

Ransomware Financial Services Cyber threats Banking 359

Krebs on Security

SEPTEMBER 23, 2020

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Plano, Texas-based Tyler Technologies [ NYSE:TYL ] has some 5,300 employees and brought in revenues of more than $1 billion in 2019.

Technology 359

Technology Ransomware Software Government 359

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 112

Ransomware IoT Encryption Social Engineering 112

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 355

Ransomware Encryption Backups Manufacturing 355

Krebs on Security

AUGUST 13, 2019

. “According to Microsoft, at least two of these vulnerabilities ( CVE-2019-1181 and CVE-2019-1182 ) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak.

Backups 230

Backups Software Authentication Internet 230

Krebs on Security

NOVEMBER 19, 2019

NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct. A source close to the investigation told KrebsOnSecurity that NVA was hit with Ryuk , a ransomware strain first spotted in August 2018 that targets mostly large organizations for a high-ransom return. “Around 2 am PT [Oct.

Ransomware 261

Ransomware Technology Malware Software 261

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes.

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware 340

Malware Identity Theft Cybercrime Accountability 340

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

Krebs on Security

DECEMBER 10, 2019

The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks. It is very likely this is being exploited in the wild.”

Backups 173

Backups Software Malware Marketing 173

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. Ivan Gennadievich Kondratyev , a.k.a.

Ransomware 329

Ransomware Cybercrime Encryption Insurance 329

Penetration Testing

NOVEMBER 27, 2024

Active since 2019, SMOKEDHAM plays a... The post SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns appeared first on Cybersecurity News.

Ransomware 95

Ransomware Cybersecurity Malware 95

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. In response, the company appears to have simply deleted or deactivated its Twitter account (a cached copy from June 2019 is available here ).

Ransomware 278

Ransomware Accountability Software Marketing 278

Krebs on Security

MAY 14, 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Malware 267

Malware Ransomware Authentication 267

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers. Last week, the United States joined the U.K. “P.S.

Ransomware 300

Ransomware Cybercrime Accountability Malware 300

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. In mid-November 2019, Wisconsin-based Virtual Care Provider Inc. VCPI) was hit by the Ryuk ransomware strain.

Passwords 255

Passwords Ransomware Password Management Malware 255

Krebs on Security

JUNE 3, 2019

have been held hostage by a ransomware strain known as “ Robbinhood.” But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it. “We took a look at it and found a pretty vanilla ransomware binary,” Stewart said.

Ransomware 239

Ransomware Accountability Malware Government 239

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Malware 304

Malware Cybercrime Software Accountability 304

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 64

Ransomware Cryptocurrency Small Business Malware 64

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Adam Levin

NOVEMBER 4, 2020

The infamous Maze ransomware gang has announced they will cease operations, effective immediately. . On November 1, the hacking group behind several high profile ransomware attacks in 2020 issued a rambling press release, riddled with spelling errors, on the dark web announcing, “it is officially closed.”.

Ransomware 168

Ransomware Scams Hacking Malware 168

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Number of attacks on mobile users in 2019 and 2020 ( download ). The year in figures.

Mobile 145

Mobile Malware Adware Banking 145

CyberSecurity Insiders

FEBRUARY 25, 2022

A malware that can take over social media accounts of victims is seen propelling on Microsoft App Store and reports are in that it has so far infected over 5,000 accounts in the disguise of fake Temple Run and Subway Surfer games.

Malware 121

Malware Ransomware Media Encryption 121

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Cybercrime 355

Cybercrime Ransomware Passwords Banking 355

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. billion in 2019. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. Pierluigi Paganini.

Ransomware 145

Ransomware Encryption IoT Malware 145

Adam Levin

JUNE 30, 2020

We’re not even halfway through 2020, and already it’s been a record-breaking year for ransomware attacks. Barely a week goes by without reports of a new strain or variant of malware wreaking havoc among companies. Millions of inboxes have been hit with a variant of Avaddon ransomware. What can CEOs do?

Ransomware 186

Ransomware Insurance Cyber Insurance Manufacturing 186

The Last Watchdog

AUGUST 15, 2019

Stunning as these two high-profile attacks were, they do not begin to convey the full scope of what a pervasive and destructive phenomenon ransomware has become – to individuals, to companies of all sizes and, lately, to poorly defended local agencies. Probing and plundering Ransomware is highly resilient and flexible.

Ransomware 196

Ransomware Internet Internet Hacking 196

CyberSecurity Insiders

OCTOBER 28, 2021

US Federal Bureau of Investigation (FBI) has issued an alert that a new ransomware dubbed as Ranzy Locker is on the prowl in the wild and has so far attained success in victimizing over 30 companies operating in America. The post Ranzy Locker Ransomware warning issued by FBI appeared first on Cybersecurity Insiders.

Ransomware 142

Ransomware Firmware Encryption Backups 142

Krebs on Security

APRIL 7, 2022

and Germany moved to decapitate “ Hydra ,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups. Separately, law enforcement agencies in the U.S. energy facilities. and international companies and entities, including U.S. ” HYDRA. . ” HYDRA.

Marketing 304

Marketing Energy and Utilities Malware Ransomware 304

Adam Levin

JANUARY 9, 2020

Currency exchange giant Travelex has effectively been taken offline by a ransomware attack. . The ransomware detected on the Travelex servers has been identified as Sodinokibi (also known as REvil), a “ransomware as a service” form of malware that is developed and maintained by the Sodinokibi hacking group and deployed by over 40 affiliates.

Ransomware 157

Ransomware Encryption Insurance VPN 157

Security Affairs

JANUARY 7, 2021

The US Federal Bureau of Investigation (FBI) issued a security alert warning private sector companies of Egregor ransomware attacks. The US FBI has issued a Private Industry Notification (PIN) to warn private organizations of Egregor ransomware attacks. Install and regularly update anti-virus or anti-malware software on all hosts.

Ransomware 145

Ransomware Authentication Phishing Passwords 145

Security Affairs

MAY 24, 2021

Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran , have resumed their operations after a temporary interruption. Pierluigi Paganini.

Ransomware 142

Ransomware Encryption Malware Healthcare 142

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime 333

Cybercrime Ransomware Accountability Advertising 333

eSecurity Planet

DECEMBER 13, 2021

Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability. They also come with the same limitations.

Ransomware 145

Ransomware Cybersecurity Encryption Malware 145

SecureList

FEBRUARY 27, 2023

Figures of the year In 2022, Kaspersky mobile products and technology detected: 1,661,743 malicious installers 196,476 new mobile banking Trojans 10,543 new mobile ransomware Trojans Trends of the year Mobile attacks leveled off after decreasing in the second half of 2021 and remained around the same level throughout 2022. percentage points.

Mobile 143

Mobile Malware Adware Banking 143

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. Previously, the UNC2165 actors also deployed the HADES ransomware.

Ransomware 145

Ransomware Cybercrime Malware Hacking 145