Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime 143

Cybercrime Ransomware DDOS Encryption 143

SecureList

SEPTEMBER 13, 2021

The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. In 2020, the pandemic forced companies to restructure their information security practices, accommodating a work-from-home (WFH) approach. Geography of incident responses by region, 2020.

Social Engineering 138

Social Engineering Healthcare Ransomware Government 138

Adam Levin

SEPTEMBER 22, 2020

The personal information of 540,000 sports referees, league officials, and school representatives has been compromised following a ransomware attack targeting a software vendor for the athletics industry.

Identity Theft 246

Identity Theft Passwords Backups Encryption 246

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. He declined to comment on the particulars of the extortion incident.

Hacking 361

Hacking Ransomware Banking Accountability 361

Security Affairs

JANUARY 12, 2021

Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware , they could recover their files for free using a tool that was released by the security firm Bitdefender. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Hacking Information Security 144

Security Affairs

MARCH 24, 2021

Security experts reported that a second ransomware gang, named Black Kingdom , is targeting Microsoft Exchange servers. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. BlackKingdom ransomware on my personal servers. It does indeed encrypt files.

Ransomware 145

Ransomware Encryption VPN Malware 145

Security Affairs

SEPTEMBER 28, 2020

The operators behind new ransomware dubbed Mount Locker have adopted the same tactic of other gangs threatening the victims to leak stolen data. A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. MountLocker #Ransomware claimed Makalot Industrial Co.

Ransomware 144

Ransomware Encryption Advertising Engineering 144

Security Affairs

DECEMBER 18, 2020

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware. SecurityAffairs – hacking, ransomware).

Mobile 145

Mobile Ransomware Encryption Malware 145

SecureList

JUNE 17, 2021

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). The ransomware family was DearCry. Ransomware is written in Python. Background. Product affected.

Ransomware 145

Ransomware Encryption VPN System Administration 145

The Last Watchdog

MAY 5, 2022

Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware 247

Ransomware Risk Internet Internet 247

SecureList

OCTOBER 7, 2021

These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. This roundup spotlights the ransomware Trojan families that most actively attacked businesses in the CIS in H1 2021, and their technical characteristics. Ransomware families at a glance. Note left by the ransomware.

Ransomware 141

Ransomware Encryption Passwords Malware 141

Security Affairs

NOVEMBER 28, 2020

The IIoT chip maker Advantech was hit by the Conti ransomware, the gang is now demanding over $13 million ransom from the company. The ransomware gang announced on November 21, 2020 the leak of stolen data if the chipmaker would not have paid the ransom within the next day. billion in 2019. billion in 2019. Pierluigi Paganini.

Ransomware 145

Ransomware Encryption IoT Malware 145

Security Affairs

SEPTEMBER 26, 2020

Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 145

Ransomware Encryption Advertising Hacking 145

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The MU-000140-MW flash alert includes indicators of compromise to detect associated with this ransomware gang.

Ransomware 145

Ransomware Encryption VPN Backups 145

Security Affairs

FEBRUARY 12, 2024

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code of the Rhysida ransomware.

Ransomware 137

Ransomware Encryption VPN Manufacturing 137

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June, 2020.

Ransomware 140

Ransomware Encryption Malware Cybercrime 140

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 143

Ransomware Encryption Antivirus VPN 143

Security Affairs

NOVEMBER 26, 2020

discloses a ransomware attack that took place in September 2020. revealed that a ransomware attack hit its systems in September 2020. “On September 14, 2020, USF experienced an IT security event [.] “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini.

Ransomware 145

Ransomware Data breaches Encryption Malware 145

Malwarebytes

MARCH 30, 2021

A recent warning from the FBI, in mid-March, put schools in the US and UK on notice of increased attacks from the threat actors behind the PYSA ransomware. What is PYSA ransomware? The PYSA ransomware is a variant of the Mespinoza ransomware. Files are encrypted using AES implemented with RSA-encrypted keys.

Ransomware 136

Ransomware Encryption Education Government 136

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 145

Ransomware Encryption Backups Malware 145

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Malware Cybercrime 144

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 145

Ransomware VPN Advertising Government 145

CSO Magazine

AUGUST 24, 2021

The FBI is warning companies that a ransomware group calling itself OnePercent or 1Percent is leveraging the IceID Trojan and the Cobalt Strike backdoor to gain a foothold inside networks. The ransomware group has been active since at least November 2020 and has hit companies in the United States.

Ransomware 143

Ransomware Banking Encryption 143

Security Affairs

JULY 1, 2020

Experts discovered a new ransomware dubbed EvilQuest designed to target macOS systems, it also installs a keylogger and a reverse shell to take over them. macOS #ransomware impersonating as Google Software Update program with zero detection. The ransomware also checks for some common anti-virus solutions (e.g.

Ransomware 145

Ransomware Malware Encryption Software 145

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. Yes, what you’ve read is right! As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144

Security Affairs

JULY 19, 2024

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation.

Ransomware 144

Ransomware Healthcare Encryption Government 144

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Source BleepingComputer.

Ransomware 144

Ransomware Hacking Encryption Malware 144

eSecurity Planet

DECEMBER 13, 2021

Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability. They also come with the same limitations.

Ransomware 144

Ransomware Cybersecurity Encryption Malware 144

Security Affairs

AUGUST 4, 2020

Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Ransomware crews are very active during these months, Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. GB from Xerox.

Ransomware 144

Ransomware Encryption Advertising Firmware 144

Security Affairs

MARCH 4, 2021

Group-IB published a report titled “Ransomware Uncovered 2020-2021 ”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB , a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021 ”.

Ransomware 140

Ransomware Cybercrime Malware Marketing 140

Security Affairs

NOVEMBER 4, 2020

Toymaker giant Mattel disclosed a ransomware attack, the incident took place in July and impacted some of its business operations. Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. Pierluigi Paganini.

Ransomware 144

Ransomware Advertising Retail Malware 144

Security Affairs

OCTOBER 13, 2020

Seyfarth Shaw, one of the leading global legal firms announced that it was a victim of an “aggressive malware” attack, likely a ransomware attack. Seyfarth Shaw announced it was the victim of an “aggressive malware” attack, but the media immediately reported a ransomware infection later confirmed by the firm. Pierluigi Paganini.

Ransomware 145

Ransomware Advertising Malware Encryption 145

Security Affairs

OCTOBER 15, 2020

The Egregor ransomware gang has hit the game developer Crytek and leaked files allegedly stolen from the systems of the gaming firm Ubisoft. A previously unknown ransomware gang dubbed Egregor has hit the game developer Crytek and leaked files allegedly stolen from the internal network of another leading gaming firm, Ubisoft.

Ransomware 145

Ransomware Advertising Phishing Media 145

Security Affairs

MARCH 26, 2021

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. . Experts identified Tor hidden services and clearnet URLs via various open-source reporting that could be associated with the activity of the Hades ransomware. ” concludes the report.

Ransomware 145

Ransomware Encryption Malware VPN 145

Security Affairs

DECEMBER 6, 2020

LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files. SecurityAffairs – hacking, ransomware).

Ransomware 140

Ransomware VPN Encryption Authentication 140

Security Affairs

NOVEMBER 1, 2021

The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). ” reads the flash alert.

DDOS 145

DDOS Ransomware Cybercrime Encryption 145

Security Affairs

AUGUST 2, 2020

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack.

Ransomware 145

Ransomware Encryption Advertising Software 145