Security Affairs

JULY 8, 2022

Emsisoft has released a free decryption tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft released a free decryptor tool that allows victims of the AstraLocker and Yashma ransomware to recover their files without paying a ransom.

Ransomware 130

Ransomware Encryption Malware Accountability 130

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties. “The

Ransomware 133

Ransomware Healthcare Cryptocurrency Encryption 133

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

Herjavec Group

SEPTEMBER 24, 2021

Ransomware is a breakout ransomware group that became operational shortly after the shutdown of the REvil Ransomware and DarkSide Ransomware operations in late Summer 2021. Furthermore, they have openly claimed that BlackMatter is the product of reproducing the “best parts” of previous ransomware operations [1].

Ransomware 109

Ransomware Manufacturing Energy and Utilities Encryption 109

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 124

Ransomware System Administration Antivirus Malware 124

Security Affairs

OCTOBER 31, 2021

Chaos Ransomware operators target gamers’ Windows devices using Minecraft alt lists as a lure and promoting them on gaming forums. Minecraft is one of the most popular games in the world, it had more than 140 million monthly active players in August 2021. ” reads the analysis published by the experts.

Ransomware 132

Ransomware Encryption Accountability Mobile 132

Security Affairs

FEBRUARY 12, 2022

CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Cybersecurity agencies from the U.K., ” reads the joint advisory.

Ransomware 92

Ransomware Backups Encryption Accountability 92

CyberSecurity Insiders

FEBRUARY 25, 2022

A malware that can take over social media accounts of victims is seen propelling on Microsoft App Store and reports are in that it has so far infected over 5,000 accounts in the disguise of fake Temple Run and Subway Surfer games.

Malware 121

Malware Ransomware Media Encryption 121

Security Affairs

FEBRUARY 5, 2022

The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. Like other ransomware gangs, Lockbit 2.0

Ransomware 90

Ransomware Backups Encryption Accountability 90

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. ” The @fuck_maze account messaged me a few times on Twitter, but largely stayed silent until Jan.

VPN 206

VPN Ransomware Cybercrime Accountability 206

Thales Cloud Protection & Licensing

APRIL 22, 2022

So You Think You Are Protected With Cloud Native Encryption? According to industry surveys, like the IBM 2021 Data Breach Investigations Report, a very high percentage of data breaches occur because attackers are abusing system privileges. Understanding encryption in Amazon EBS. Fri, 04/22/2022 - 09:54. Use AWS managed key.

Encryption 100

Encryption Data breaches Backups Accountability 100

Security Affairs

AUGUST 9, 2021

ransomware attacks against Australian organizations starting July 2021. ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 ransomware. . ransomware.

Ransomware 117

Ransomware Retail Manufacturing Encryption 117

CyberSecurity Insiders

OCTOBER 27, 2021

First is the news related to a ransomware attack on a Candy maker that trade experts say could lead to chocolate scarcity when it is most needed by/for kids. ENISA says that between the periods of April 2020 to July 2021, many of the government agencies, along with some companies, were targeted with ransomware attacks by state funded actors.

Ransomware 120

Ransomware Government Cyber threats Malware 120

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. EDR can detect an intruder's suspicious activity in advance of them running ransomware, as well as being able to identify the ransomware itself.

Antivirus 105

Antivirus Insurance Ransomware Healthcare 105

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Disable unused ports.

Ransomware 104

Ransomware DDOS Passwords Backups 104

SecureWorld News

SEPTEMBER 16, 2022

have sanctioned 10 individuals and two entities associated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their participation in malicious cyber activity, including ransomware. The actors used their access to move laterally within the network, encrypt network devices with BitLocker, and hold the decryption keys for ransom.".

Ransomware 86

Ransomware Government Encryption Antivirus 86

The Last Watchdog

MAY 5, 2022

Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware 247

Ransomware Risk Internet Internet 247

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 219

Ransomware Accountability Cybercrime Backups 219

Security Affairs

FEBRUARY 14, 2022

The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. Secret Service (USSS) to provide information on BlackByte ransomware. Use double authentication when logging into accounts or services.

Ransomware 91

Ransomware Accountability Firmware Antivirus 91

Malwarebytes

OCTOBER 28, 2021

Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. Ranzy Locker is a successor of ThunderX and AKO ransomware. Ransomware-as-a-Service. The group behind Ranzy Locker is not very different in its business approach from other “big game” ransomware gangs.

Ransomware 104

Ransomware Backups Encryption Firmware 104

Malwarebytes

MAY 6, 2022

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. Onyx is a new ransomware gang based on the old Chaos builder. Ransomware attacks in April 2022. Attacks by ransomware type.

Ransomware 86

Ransomware Encryption Accountability Technology 86

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware 104

Ransomware Penetration Testing Healthcare Government 104

Malwarebytes

FEBRUARY 14, 2022

The San Francisco 49ers has confirmed that it has been hit by a ransomware attack. The BlackByte ransomware gang has already claimed responsibility for the attack by leaking a small number of files it claims to have been stolen. On the eve of the #SuperBowl the #49ers get posted as a #Blackbyte #ransomware victim.

Ransomware 93

Ransomware Backups Encryption InfoSec 93

Malwarebytes

DECEMBER 1, 2022

In the latest #StopRansomware effort of publicizing ransomware information for network defenders, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint Cybersecurity Advisory (CSA) on the ransomware known as "Cuba." Cuba ransomware 101.

Ransomware 91

Ransomware Financial Services Accountability Malware 91

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. The RAT was designed to steal data from victims while masquerading as a ransomware attack. pic.twitter.com/mGow2sJupN — Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021. crimson extension.

Ransomware 129

Ransomware Malware Encryption Security Intelligence 129

Malwarebytes

JULY 20, 2022

Maui ransomware. Monaco said at the International Conference on Cyber Security: “Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as ‘Maui.’”. Deputy Attorney General Lisa O.

Ransomware 94

Ransomware Cryptocurrency Healthcare Firmware 94

eSecurity Planet

FEBRUARY 15, 2022

Ransomware attacks on critical infrastructure and a surge in exploited vulnerabilities are getting the attention of U.S. BlackByte Ransomware Attack Methods, IoCs. The FBI-Secret Service warning came just ahead of news that the NFL’s San Francisco 49ers had also been hit by BlackByte ransomware. The FBI and U.S.

Ransomware 128

Ransomware Encryption Backups Accountability 128

Security Affairs

MAY 13, 2023

The CheckMate ransomware operators have been targeting the Server Message Block (SMB) communication protocol used for file sharing to compromise their victims’ networks. That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites.

Ransomware 92

Ransomware Encryption Passwords Internet 92

Malwarebytes

MARCH 10, 2022

In this February 2022 ransomware review, we go over some the most successful ransomware incidents based on both open source and dark web intelligence. > BlackByte Ransomware Sample hash: 1df11bc19aa52b623bdf15380e3fded56d8eb6fb7b53a2240779864b1a6474ad. Observed since: February 2022 Ransomware note: .<company_name>

Ransomware 73

Ransomware Phishing Accountability Technology 73

Malwarebytes

DECEMBER 23, 2021

German logistics giant Hellmann Worldwide Logistics has issued a warning that data was stolen from the company when it was hit with a ransomware attack on December 9, 2021. Many ransomware operators use the threat of leaking stolen data for extra leverage during the ransom negotiation stage. Free to download.

Scams 124

Scams Ransomware Social Engineering Banking 124

Security Affairs

OCTOBER 9, 2021

American media conglomerate Cox Media Group (CMG) was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The American media conglomerate Cox Media Group (CMG) announced it was hit by a ransomware attack that caused the interruption of the live TV and radio broadcast streams in June 2021.

Media 107

Media Ransomware Identity Theft Insurance 107

Security Affairs

MARCH 18, 2023

ransomware gang. ransomware. ransomware. ransomware as recently as March 2023.” functions as an affiliate-based ransomware variant and is a continuation of LockBit 2.0 ransomware as recently as March 2023.” functions as an affiliate-based ransomware variant and is a continuation of LockBit 2.0

Ransomware 83

Ransomware Penetration Testing Encryption Accountability 83

SecureWorld News

JULY 7, 2022

United States government agencies recently released a joint Cybersecurity Advisory (CSA) providing information on how North Korean state-sponsored threat actors are actively using Maui ransomware to attack healthcare organizations. What is Maui ransomware? Using manually operated ransomware.

Healthcare 77

Healthcare Ransomware Encryption Government 77

CyberSecurity Insiders

FEBRUARY 25, 2022

AT&T Alien Labs™ is writing this report about recently created ransomware malware dubbed BlackCat which was used in a January 2022 campaign against two international oil companies headquartered in Germany, Oiltanking and Mabanaft. Key takeaways: The ransomware BlackCat is coded in Rust and was created in November 2021.

Ransomware 119

Ransomware Encryption Malware Backups 119

Security Affairs

FEBRUARY 10, 2023

North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S.

Ransomware 82

Ransomware Healthcare Cryptocurrency Government 82

Security Affairs

DECEMBER 15, 2021

While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware gang operates out of Ukraine. ” The HelloKitty gang has been active since January 2021 and it is still active. SecurityAffairs – hacking, HelloKitty ransomware).

Ransomware 94

Ransomware Data breaches DDOS Healthcare 94