Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 142

Encryption Ransomware Cybercrime Malware 142

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 132

Cybercrime Software Ransomware Cyber Attacks 132

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Geography of the Yanluowang attacks, December 4th, 2021 – April 8th, 2022 ( download ). The encryption code for big files. Yanluowang description.

Encryption 145

Encryption Ransomware Backups VPN 145

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. Geography of the Yanluowang attacks, December 4th, 2021 – April 8th, 2022 ( download ). The encryption code for big files. Yanluowang description.

Encryption 140

Encryption Ransomware Backups VPN 140

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. ” Around Apr.

VPN 217

VPN Ransomware Cybercrime Accountability 217

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 133

Phishing Advertising Cryptocurrency Encryption 133

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. But it is worth pointing out that not all members of this ecosystem originate from the cybercrime underworld.

Ransomware 142

Ransomware Encryption Malware Cybercrime 142

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. It’s just some kind of sabotage.”

Ransomware 305

Ransomware Healthcare Cybercrime Government 305

Krebs on Security

APRIL 6, 2021

It appears much of this database has been kicking around the cybercrime underground in one form or another since last summer at least. A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. I also respond at Krebswickr on the encrypted messaging platform Wickr. billion active monthly users.

Mobile 360

Mobile Accountability Passwords Authentication 360

Security Affairs

FEBRUARY 21, 2022

Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data. Researchers discovered a flaw in the encryption algorithm used by Hive ransomware that allowed them to decrypt data without knowing the private key used by the gang to encrypt files.

Encryption 98

Encryption Ransomware VPN Malware 98

SecureList

AUGUST 12, 2021

Communication with the server can take place either over raw TCP sockets encrypted with RC4, or via HTTPS. While analyzing the CVE-2021-1732 exploit, first discovered by DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we found another zero-day exploit that we believe is linked to the same threat actor.

Ransomware 145

Ransomware Malware Banking Encryption 145

Security Affairs

SEPTEMBER 19, 2022

AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. ” continue the experts.

Encryption 98

Encryption Cybercrime Hacking Malware 98

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0 Babuk is a ransomware that was first discovered in early 2021. Both LockBit 3.0

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

Security Affairs

FEBRUARY 7, 2023

A new Linux variant of the Clop ransomware has been observed in the wild, the good news is that its encryption algorithm is flawed. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. ” continues the report.

Encryption 98

Encryption Ransomware Cybercrime Engineering 98

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Macaw Locker ransomware encrypts victims’ files and append the .macaw macaw extension to the file name of the encrypted files. In 2019, the U.S.

Ransomware 144

Ransomware Cybercrime Banking Encryption 144

Security Affairs

JUNE 30, 2021

Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious purposes. “On 29th of June 2021, law enforcement took down DoubleVPN. SecurityAffairs – hacking, cybercrime ). ” reads the press release published by the EUROPOL.

VPN 144

VPN Cybercrime Encryption Advertising 144

Malwarebytes

FEBRUARY 16, 2021

Today, we are showing readers just what that evolution looked like, in our State of Malware 2021 report. If 2020 taught us anything, it’s that cybercrime stops for nothing. To get the full story, read the State of Malware 2021 report. Read the State of Malware 2021 report appeared first on Malwarebytes Labs.

Malware 139

Malware Scams Spyware Healthcare 139

Security Affairs

NOVEMBER 1, 2021

The HelloKitty ransomware group, like other ransomware gangs, implements a double extortion model, stealing sensitive documents from victims before encrypting them. CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials. SecurityAffairs – hacking, cybercrime).

DDOS 145

DDOS Ransomware Cybercrime Encryption 145

Krebs on Security

FEBRUARY 16, 2022

The same day the ICRC went public with its breach, someone using the nickname “ Sheriff ” on the English-language cybercrime forum RaidForums advertised the sale of data from the Red Cross and Red Crescent Movement. 9, 2021, using an unpatched critical vulnerability (CVE-2021-40539). ” Update, 2:00 p.m.,

Hacking 281

Hacking Ransomware Media Accountability 281

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The availability of the master decryption key allows the victims to recover their encrypted files for free. Unfortunately, at the time of writing the RAR archive is not available.

Ransomware 144

Ransomware Encryption Malware Cybercrime 144

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. Ireland’s Health Service Executive (HSE), which operates the country’s public health system, got hit with Conti ransomware on May 14, 2021.

Healthcare 306

Healthcare Ransomware Antivirus Software 306

Security Boulevard

FEBRUARY 24, 2021

Fortunately, emerging trends in the financial technology sector may have the potential to turn the tide of cybercrime and keep our financial data safe. . Fintech Trends for 2021 and Beyond Even in the deluge of attacks on our digital systems, defender confidence has remained strong.

Cybersecurity 105

Cybersecurity Artificial Intelligence Risk Cybercrime 105

eSecurity Planet

AUGUST 13, 2021

As cybercrime flourishes and evolves, organizations need a fleet of tools to defend and investigate incidents. This article looks at the top digital forensic software tools of 2021 and what customers should consider when buying or acquiring a DSF tool. Best Digital Forensics Software Tools of 2021. The Sleuth Kit and Autopsy.

Software 139

Software Computers and Electronics Marketing Mobile 139

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. in) used by the attackers. Pierluigi Paganini.

Encryption 111

Encryption Malware Media Authentication 111

Security Affairs

SEPTEMBER 17, 2022

The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom. In order to decrypt the files, users have to provide the path containing pairs of clean-encrypted files. ” reads the announcement published by the security firm.

Ransomware 141

Ransomware Encryption Backups Cybercrime 141

Security Affairs

FEBRUARY 6, 2023

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. The malware changes the extension of the encrypted files to ‘.royal’.

Encryption 98

Encryption Ransomware Malware Healthcare 98

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

DECEMBER 10, 2021

Another one used to encrypt companies' networks. demonslay335 @VK_Intel pic.twitter.com/YttzWWUD3c — MalwareHunterTeam (@malwrhunterteam) December 8, 2021. Unlike other malware, ALPHV (BlackCat) is the first Rust ransomware that was used in attacks in the wild by a cybercrime organization. Also look at that UI.

Ransomware 129

Ransomware Malware Cybercrime Encryption 129

SecureList

AUGUST 1, 2024

Mallox Mallox is another relatively new ransomware variant that first came to light in 2021 and kicked off an affiliate program in 2022. For example, the main C2 channel is a GitHub repository, which makes them easier to track, and communication is maintained over Telegram rather than a dedicated server on the TOR network.

Ransomware 118

Ransomware Cybercrime Education Malware 118

eSecurity Planet

JUNE 24, 2021

The increasing mobility of data, as it ping-pongs between clouds, data centers and the edge, has made it an easier target of cybercrime groups, which has put a premium on the encryption of that data in recent years. However, there is a glaring weakness. Putting a Focus on FHE. It’s available on GitHub. DARPA Gets In on the Effort.

Encryption 90

Encryption Marketing Software Data privacy 90

Security Affairs

APRIL 3, 2021

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. In February, the Spanish student Javier Yuste released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free.

Ransomware 140

Ransomware Encryption Malware Cybercrime 140

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Encrypting sensitive data wherever possible. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations.

Healthcare 306

Healthcare Backups Ransomware Insurance 306

Malwarebytes

MARCH 20, 2024

Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for $1 million for a direct sell.

Identity Theft 144

Identity Theft Data breaches Cybercrime Mobile 144

Krebs on Security

DECEMBER 19, 2023

. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.” BlackCat attacks usually involve encryption and theft of data; if victims refuse to pay a ransom, the attackers typically publish the stolen data on a BlackCat-linked darknet site.

Ransomware 296

Ransomware Cybercrime Advertising Encryption 296

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!! Statistics.

Ransomware 97

Ransomware Backups Software Encryption 97

Security Affairs

JANUARY 12, 2022

Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using ciphermode ECB and padding mode PKCS7. 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91 2021-12-09 16:18:46 2021-12-09 20:00:13 149.154.167.91

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

Security Affairs

MAY 2, 2024

In November 2021, the US Department of Justice charged Vasinskyi, REvil ransomware affiliate, for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4, 2021. victims, and we are disrupting the broader cybercrime ecosystem.” ” reads the press release published by DoJ.

Ransomware 134

Ransomware Cryptocurrency Cybercrime Encryption 134