Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime 116

Cybercrime Telecommunications DNS Technology 116

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. ” Around Apr.

Ransomware 242

Ransomware VPN Cybercrime Accountability 242

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Geography of the Yanluowang attacks, December 4th, 2021 – April 8th, 2022 ( download ). The encryption code for big files. Yanluowang description.

Encryption 145

Encryption Ransomware Backups VPN 145

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Geography of the Yanluowang attacks, December 4th, 2021 – April 8th, 2022 ( download ). The encryption code for big files. Yanluowang description.

Encryption 144

Encryption Ransomware Backups VPN 144

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 123

Cybercrime Software Ransomware Cyber Attacks 123

Security Affairs

MARCH 10, 2025

@chicagotribune @ABC7Chicago pic.twitter.com/bwRCHqCS9o — Dominic Alvieri (@AlvieriD) March 10, 2025 RansomHouse is a data extortion group that has been active since Dec 2021. Unlike other extortion group, the gang doesnt encrypt data, but focuses on data theft to speed up its activity. Victims include AMD and Keralty.

Hacking 114

Hacking Healthcare Backups Ransomware 114

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. But it is worth pointing out that not all members of this ecosystem originate from the cybercrime underworld.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. It’s just some kind of sabotage.”

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Krebs on Security

APRIL 6, 2021

It appears much of this database has been kicking around the cybercrime underground in one form or another since last summer at least. A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. I also respond at Krebswickr on the encrypted messaging platform Wickr. billion active monthly users.

Mobile 358

Mobile Accountability Passwords Authentication 358

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 98

Encryption Ransomware VPN Malware 98

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 123

Phishing Advertising Cryptocurrency Encryption 123

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. However, there is a glaring weakness. Putting a Focus on FHE. It’s available on GitHub. DARPA Gets In on the Effort.

Encryption 113

Encryption Marketing Software Data privacy 113

Security Affairs

SEPTEMBER 19, 2022

AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. ” continue the experts.

Encryption 98

Encryption Cybercrime Hacking Malware 98

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0 Babuk is a ransomware that was first discovered in early 2021. Both LockBit 3.0

Cybercrime 100

Cybercrime Ransomware Social Engineering Phishing 100

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. ” continues the report.

Encryption 98

Encryption Ransomware Cybercrime Engineering 98

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. Ireland’s Health Service Executive (HSE), which operates the country’s public health system, got hit with Conti ransomware on May 14, 2021.

Healthcare 325

Healthcare Ransomware Antivirus Hacking 325

Krebs on Security

FEBRUARY 16, 2022

The same day the ICRC went public with its breach, someone using the nickname “ Sheriff ” on the English-language cybercrime forum RaidForums advertised the sale of data from the Red Cross and Red Crescent Movement. 9, 2021, using an unpatched critical vulnerability (CVE-2021-40539). ” Update, 2:00 p.m.,

Hacking 295

Hacking Ransomware Media Accountability 295

Security Affairs

NOVEMBER 1, 2021

The HelloKitty ransomware group, like other ransomware gangs, implements a double extortion model, stealing sensitive documents from victims before encrypting them. CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials. SecurityAffairs – hacking, cybercrime).

DDOS 145

DDOS Ransomware Cybercrime Encryption 145

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! American Scientist) Quantum and the Threat to Encryption (SecurityWeek) Quantum Computing Advances in 2024 Put Security In Spotlight (Dark Reading) Quantum computing could threaten cybersecurity measures.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. In 2019, the U.S.

Ransomware 141

Ransomware Cybercrime Banking Encryption 141

Security Affairs

JUNE 30, 2021

Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. “On 29th of June 2021, law enforcement took down DoubleVPN. SecurityAffairs – hacking, cybercrime ). ” reads the press release published by the EUROPOL.

VPN 141

VPN Cybercrime Encryption Advertising 141

Malwarebytes

FEBRUARY 16, 2021

Today, we are showing readers just what that evolution looked like, in our State of Malware 2021 report. If 2020 taught us anything, it’s that cybercrime stops for nothing. To get the full story, read the State of Malware 2021 report. Read the State of Malware 2021 report appeared first on Malwarebytes Labs.

Malware 132

Malware Scams Spyware Healthcare 132

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The availability of the master decryption key allows the victims to recover their encrypted files for free. Unfortunately, at the time of writing the RAR archive is not available.

Ransomware 142

Ransomware Encryption Malware Cybercrime 142

Security Boulevard

FEBRUARY 24, 2021

Fortunately, emerging trends in the financial technology sector may have the potential to turn the tide of cybercrime and keep our financial data safe. . Fintech Trends for 2021 and Beyond Even in the deluge of attacks on our digital systems, defender confidence has remained strong.

Cybersecurity 105

Cybersecurity Artificial Intelligence Risk Cybercrime 105

eSecurity Planet

AUGUST 13, 2021

As cybercrime flourishes and evolves, organizations need a fleet of tools to defend and investigate incidents. This article looks at the top digital forensic software tools of 2021 and what customers should consider when buying or acquiring a DSF tool. Best Digital Forensics Software Tools of 2021. The Sleuth Kit and Autopsy.

Software 139

Software Computers and Electronics Marketing Mobile 139

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. in) used by the attackers. Pierluigi Paganini.

Encryption 111

Encryption Malware Media Authentication 111

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Encrypting sensitive data wherever possible. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations.

Healthcare 323

Healthcare Backups Ransomware Insurance 323

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. The malware changes the extension of the encrypted files to ‘.royal’.

Encryption 98

Encryption Ransomware Malware Healthcare 98

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

Krebs on Security

DECEMBER 19, 2023

. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.” BlackCat attacks usually involve encryption and theft of data; if victims refuse to pay a ransom, the attackers typically publish the stolen data on a BlackCat-linked darknet site.

Ransomware 314

Ransomware Cybercrime Advertising Encryption 314

SecureList

AUGUST 1, 2024

Mallox Mallox is another relatively new ransomware variant that first came to light in 2021 and kicked off an affiliate program in 2022. For example, the main C2 channel is a GitHub repository, which makes them easier to track, and communication is maintained over Telegram rather than a dedicated server on the TOR network.

Ransomware 119

Ransomware Cybercrime Education Malware 119

SecureWorld News

MARCH 27, 2025

A hacker's claim, and denial from Oracle The story surfaced in early March when a hacker using the alias "rose87168" posted on a cybercrime forum, claiming responsibility for a massive data breach at Oracle. CloudSEK also identified the likely exploit vector as CVE-2021-35587, a known critical vulnerability in Oracle Access Manager.

CISO 62

CISO Data breaches Encryption Passwords 62

Security Affairs

MARCH 13, 2025

“Medusa is a ransomware-as-a-service (RaaS) variant first identified in June 2021. Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption. ” reads the joint advisory.

Ransomware 68

Ransomware Encryption Cryptocurrency Insurance 68

Security Affairs

SEPTEMBER 17, 2022

The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom. In order to decrypt the files, users have to provide the path containing pairs of clean-encrypted files. ” reads the announcement published by the security firm.

Ransomware 135

Ransomware Encryption Backups Cybercrime 135

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. I will also continue to post on LinkedIn about new stories in 2023. ” SEPTEMBER.

Cryptocurrency 288

Cryptocurrency Cybercrime Computers and Electronics Scams 288

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. In February, the Spanish student Javier Yuste released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free.

Ransomware 136

Ransomware Encryption Malware Cybercrime 136

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!! Statistics.

Ransomware 97

Ransomware Backups Software Encryption 97