2020 and Ransomware - Cyber Security Informer

Ransomware Profitability

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Ransomware is now an established worldwide business.

Ransomware

Ransomware Cryptocurrency

Microsoft Patch Tuesday, Sept. 2020 Edition

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. “We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. . We’ll likely see this one in the wild soon.

Software

Software Backups Authentication Internet

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

AUGUST 14, 2020

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc. Formerly known as Accretive Health Inc. billion in 2019.

Ransomware

Ransomware Healthcare Insurance Phishing

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare

Healthcare Ransomware Cybersecurity Malware

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! Ransomware growth trends and stats. The costs and impact of a ransomware attack. Ransomware protection planning best practices.

Ransomware

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks

Penetration Testing

NOVEMBER 27, 2024

Kaspersky Labs has unveiled a sophisticated new ransomware variant named Elpaco, which has emerged as an evolution of the Mimic ransomware family.

Ransomware

Ransomware Malware Cybersecurity

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

A ransomware attack disrupted services at Pittsburgh Regional Transit

Security Affairs

DECEMBER 26, 2024

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.

Ransomware

Ransomware Cyber Attacks Hacking Cybersecurity

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code.

Ransomware

Ransomware Encryption Backups Manufacturing

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. And on April 26, 2021, Matveev and his Babuk gang allegedly deployed ransomware against the Metropolitan Police Department in Washington, D.C.

Ransomware

Ransomware Cybercrime VPN Healthcare

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com.

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

On the Evolution of Ransomware

Schneier on Security

DECEMBER 30, 2020

Good article on the evolution of ransomware : Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and, unfortunately, predictable devolution. Ransomware is a decades-old idea.

Ransomware

Ransomware Antivirus

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. The Treasury Department sanctioned the ransomware actor.

Ransomware

Ransomware Healthcare Hacking Malware

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare

Healthcare Ransomware Antivirus Hacking

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S. On Sunday, Feb.

Ransomware

Ransomware Healthcare Cybercrime Government

10 takeaways from Mimecast's 2020 email security report

Tech Republic Security

JUNE 9, 2020

Phishing is on the rise, ransomware continues to be a threat, and email exploits are more popular than ever. Here are the email security risks, and what you can do about them, in 2020.

Phishing

Phishing Ransomware Risk

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware

Ransomware Accountability Cybercrime Malware

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware

Ransomware Healthcare Government Cryptocurrency

Dental group lied through teeth about data breach, fined $350,000

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches

Data breaches Ransomware Passwords Insurance

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware

Ransomware VPN Education Hacking

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Security Affairs

NOVEMBER 26, 2024

Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operations for several customers, including Starbucks and U.K. Blue Yonder confirmed it was the victim of a ransomware attack.

Software

Software Ransomware Retail Manufacturing

CISA advisory on LockBit: $91 million extorted from 1,700 attacks since 2020

Tech Republic Security

JUNE 15, 2023

FBI, CISA and international organizations released an advisory detailing breadth and depth of LockBit, and how to defend against the most prevalent ransomware of 2022 and (so far) 2023. The post CISA advisory on LockBit: $91 million extorted from 1,700 attacks since 2020 appeared first on TechRepublic.

Ransomware

Ransomware Cybersecurity Network Security

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

OCTOBER 28, 2020

26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. On Monday, Oct. hospitals and healthcare providers.”

Ransomware

Ransomware Healthcare Computers and Electronics Cybercrime

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Ransomware is the Cyber Pearl Harbor we’ve been waiting for all along. Ransomware is the new PCI. DanielMiessler) September 19, 2020. Some stats: At the time of this writing, Google News returns 7,460,000 results for the term Ransomware. IBM says 1 in 4 of attacks its X-Force Team sees is caused by Ransomware.

Ransomware

Ransomware Government Social Engineering Small Business

GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

The Last Watchdog

SEPTEMBER 21, 2023

Ransomware is a significant threat to businesses worldwide. Related: How Putin has weaponized ransomware In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Ransomware

Ransomware Backups Cybersecurity Risk

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

Cybercrime

Cybercrime Ransomware DDOS Encryption

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Ransomware is undoubtedly one of the most unnerving phenomena in the cyber threat landscape. Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch inch diskettes. inch diskettes. FBI spoofs 2012 – 2013.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable.

Ransomware

Ransomware Cryptocurrency DDOS Scams

Tokyo 2020 Olympics must be extra secure to avoid cyberattacks and ransomware

Tech Republic Security

JULY 14, 2021

Any big event is likely to attract bad actors. Keeping the games safe from attack is a huge undertaking for event planners.

Ransomware

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. Over 30,000 machines were running Windows 7 (out of support since January 2020).

Antivirus

Antivirus Hacking Ransomware CISO

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

The Last Watchdog

JUNE 20, 2022

Or the payload might be a data exfiltration routine — or a full-blown ransomware attack. IABs contributed to threat actors dwelling longer before detection: the median attacker dwell time was 15 days in 2021, up from 11 days in 2020. Speaking of ransomware, cyber extortion continues to persist at a plague level.

Ransomware

Ransomware Digital transformation Marketing Software

Conti Ransomware Group Diaries, Part II: The Office

Krebs on Security

MARCH 2, 2022

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti , one of the more rapacious and ruthless ransomware gangs in operation today. – Penetration Testers/Hackers: Those on the front lines battling against corporate security teams to steal data, and plant ransomware.

Ransomware

Ransomware Antivirus Malware Cybercrime

Why Paying to Delete Stolen Data is Bonkers

Krebs on Security

NOVEMBER 4, 2020

Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. ” Image: Coveware Q3 2020 report.

Ransomware

Ransomware Backups Data breaches Encryption

US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack

Tech Republic Security

DECEMBER 11, 2024

Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.

Cybersecurity

Cybersecurity Firewall Ransomware Software

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware

Ransomware Risk Internet Internet

Medical testing company LifeLabs failed to protect customer data, report finds

Malwarebytes

NOVEMBER 27, 2024

In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 Reportedly , LifeLabs paid the ransomware group, which is why it’s still unknown which group was behind the attack.

Ransomware

Ransomware Healthcare Risk Encryption

6 Ways to Minimize Ransomware Damage

Security Boulevard

JANUARY 3, 2022

Ransomware is more pervasive than ever, and the number of attacks is mindboggling. With help from ransomware-as-a-service (RaaS), cybercriminals and organized “bad actors” continue to wreak havoc. The post 6 Ways to Minimize Ransomware Damage appeared first on Security Boulevard. Despite efforts by enterprises to secure.

Ransomware

Ransomware Cybersecurity Backups Security Awareness

Maze Ransomware Gang Allegedly Retires

Adam Levin

NOVEMBER 4, 2020

The infamous Maze ransomware gang has announced they will cease operations, effective immediately. . On November 1, the hacking group behind several high profile ransomware attacks in 2020 issued a rambling press release, riddled with spelling errors, on the dark web announcing, “it is officially closed.”.

Ransomware

Ransomware Scams Hacking Malware

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

Data breaches

Data breaches Banking Cybercrime Advertising

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. He declined to comment on the particulars of the extortion incident.

Hacking

Hacking Ransomware Banking Accountability

Security Breach Disrupts Fintech Firm Finastra

Krebs on Security

MARCH 20, 2020

The company’s public statement and notice to customers does not mention the cause of the outage, but their response so far is straight out of the playbook for dealing with ransomware attacks. ” Once considered by many to be isolated extortion attacks, ransomware infestations have become de facto data breaches for victim companies.

Ransomware

Ransomware Healthcare Banking Data breaches

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. In this post we’ll look at the clues left behind by “ Babam ,” the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years.

Ransomware

Ransomware Passwords Accountability Cybercrime

Think Ransomware Can’t Put You Out of Business?

Adam Levin

JUNE 30, 2020

We’re not even halfway through 2020, and already it’s been a record-breaking year for ransomware attacks. Millions of inboxes have been hit with a variant of Avaddon ransomware. The post Think Ransomware Can’t Put You Out of Business? 1-99-employee companies are a target. What can CEOs do?

Ransomware

Ransomware Insurance Cyber Insurance Manufacturing

?ryptocurrency and Ransomware — The Ultimate Friendship

The Hacker News

OCTOBER 18, 2022

Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently most recommended.

Ransomware

Ransomware Cryptocurrency

Ransomware Profitability

Microsoft Patch Tuesday, Sept. 2020 Edition

Trending Sources

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Conti’s Ransomware Toll on the Healthcare Industry

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks

Russian Phobos ransomware operator faces cybercrime charges

A ransomware attack disrupted services at Pittsburgh Regional Transit

Researchers Quietly Cracked Zeppelin Ransomware Keys

Russian Hacker “Wazawaka” Indicted for Ransomware

Change Healthcare Breach Hits 100M Americans

On the Evolution of Ransomware

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Inside Ireland’s Public Healthcare Ransomware Scare

Conti Ransomware Group Diaries, Part I: Evasion

10 takeaways from Mimecast's 2020 email security report

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

Dental group lied through teeth about data breach, fined $350,000

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

CISA advisory on LockBit: $91 million extorted from 1,700 attacks since 2020

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Tokyo 2020 Olympics must be extra secure to avoid cyberattacks and ransomware

On the Irish Health Services Executive Hack

RSAC insights: How IABs — initial access brokers — help sustain, accelerate the ransomware plague

Conti Ransomware Group Diaries, Part II: The Office

Why Paying to Delete Stolen Data is Bonkers

US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Medical testing company LifeLabs failed to protect customer data, report finds

6 Ways to Minimize Ransomware Damage

Maze Ransomware Gang Allegedly Retires

Fintech Giant Finastra Investigating Data Breach

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Security Breach Disrupts Fintech Firm Finastra

Who Is the Network Access Broker ‘Babam’?

Think Ransomware Can’t Put You Out of Business?

?ryptocurrency and Ransomware — The Ultimate Friendship

Stay Connected