SecureList

MAY 11, 2022

Ahead of the Anti-Ransomware Day, we summarized the tendencies that characterize ransomware landscape in 2022. This year, ransomware is no less active than before: cybercriminals continue to threaten nationwide retailers and enterprises , old variants of malware return while the new ones develop.

Ransomware 144

Ransomware Encryption Malware Cybercrime 144

eSecurity Planet

AUGUST 4, 2022

It’s been a couple of decades since data tapes delivered by trucks made encryption a standard enterprise cybersecurity practice. Yet even as technology has changed, sending and receiving data remains a major vulnerability, ensuring encryption’s place as a foundational security practice. What is Encryption?

Encryption 123

Encryption Software Computers and Electronics Technology 123

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 142

Encryption Ransomware Cybercrime Malware 142

Malwarebytes

JUNE 1, 2022

We can now add “a ransomware attack” to this once static list. When a ransomware attack takes out an organization, they often revert to pen and paper to keep things ticking over. When ransomware locks down a chunk of historical data, things apparently become much more convoluted. Tips to avoid ransomware.

Ransomware 144

Ransomware Backups Encryption Authentication 144

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. It’s just some kind of sabotage.” 23, 2020.

Ransomware 305

Ransomware Healthcare Cybercrime Government 305

Krebs on Security

SEPTEMBER 18, 2023

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The 8Base ransomware group’s victim shaming website on the darknet.

Ransomware 281

Ransomware Accountability Encryption Internet 281

CSO Magazine

DECEMBER 14, 2022

A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption. To read this article in full, please click here

Encryption 120

Encryption Ransomware 120

Hacker Combat

MAY 10, 2022

To breach a company, ransomware attackers utilize a variety of methods. A researcher has demonstrated how a vulnerability common to several ransomware families can help take control of the malware and stop it from encrypting files on infected devices. Malvuln had almost 600 malware vulnerabilities as of May 4, 2022.

Encryption 132

Encryption Ransomware Malware Cyber Attacks 132

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 140

Ransomware Encryption Insurance Malware 140

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 145

Encryption Ransomware Backups VPN 145

CyberSecurity Insiders

SEPTEMBER 20, 2022

According to a Monday Twitter update posted by Uber, Lapsus$ ransomware spreading gang is suspected to be behind the cyber attack on its repositories, email and cloud systems and internal slack communication servers. The post Uber data breach 2022 Update on Lapsus$ Ransomware appeared first on Cybersecurity Insiders.

Data breaches 127

Data breaches Ransomware Cyber Attacks Accountability 127

CyberSecurity Insiders

JANUARY 3, 2023

The ransomware attack that took place on British Daily Newspaper ‘The Guardian’ seems to have intensified deeply as the staff of the media group has been advised to work from home and have been handed over separate email ids for official communication. And the incident was discovered by the IT staff on the 20th of the same month.

Ransomware 121

Ransomware Media Malware Cyber Attacks 121

SecureList

MAY 16, 2023

Download the full version of the report (PDF) Kaspersky Incident Response in various regions and industries In 2022, 45.9% Key trends in 2022: initial attack vectors and impact In 2022, attackers most often penetrated organizations’ infrastructure by exploiting various vulnerabilities in public-facing applications (42.9%).

Ransomware 143

Ransomware Encryption Security Awareness Authentication 143

SecureList

APRIL 18, 2022

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files.

Encryption 140

Encryption Ransomware Backups VPN 140

SecureList

MAY 8, 2024

Ransomware attacks continue to be one of the biggest contemporary cybersecurity threats, affecting organizations and individuals alike on a global scale. As we approach International Anti-Ransomware Day, we have analyzed the major ransomware events and trends. The third most active ransomware in 2023 was Cl0p.

Ransomware 138

Ransomware Encryption Small Business Cybersecurity 138

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 143

Ransomware Encryption Backups Manufacturing 143

Security Affairs

JULY 9, 2024

Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomware and its predecessors that allowed them to develop a decryptor. “All brands of the DoNex ransomware are supported by the decryptor.”

Ransomware 135

Ransomware Encryption Passwords Hacking 135

Security Boulevard

OCTOBER 4, 2022

OpenText today published a Nastiest Malware of 2022 report that highlighted how ransomware attacks are evolving into triple threats. In addition to encrypting and stealing data, many attackers now include a distributed denial-of-service (DDoS) attack when victims refuse to cave to ransom demands.

Malware 122

Malware DDOS Ransomware Encryption 122

Security Affairs

JULY 15, 2022

Cyble researchers warn of three new ransomware operations named Lilith, RedAlert and 0mega targeting organizations worldwide. Researchers from threat intelligence firm Cyble warn of new ransomware gangs that surfaced recently, named Lilith, RedAlert, and 0mega. The ransomware targets a limited types of files, including log files (.log),

Ransomware 141

Ransomware Encryption Malware Hacking 141

eSecurity Planet

JANUARY 6, 2022

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Third-party security, ransomware , artificial intelligence (AI) and decentralized finance (DeFi) are some of the threats you can expect to see more of this year – with the potential for far worse results than we’ve seen in the past.

Ransomware 133

Ransomware Cybersecurity Artificial Intelligence CISO 133

Security Affairs

NOVEMBER 28, 2022

Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. The key is then RSA encrypted and written to aes.bin.

Ransomware 142

Ransomware Encryption Telecommunications Malware 142

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 145

Ransomware Encryption Backups Malware 145

The Last Watchdog

AUGUST 15, 2022

The top ransomware gangs have become so relentless that it’s not unusual for two or more of them to attack the same company within a few days – or even a few hours. Related: How ‘IABs’ foster ransomware. Thus, some of the victim company’s assets got triple encrypted.

Ransomware 214

Ransomware System Administration Cyber Attacks Hacking 214

Security Affairs

OCTOBER 11, 2022

Lockbit ransomware affiliates are compromising Microsoft Exchange servers to deploy their ransomware, experts warn. South-Korean cybersecurity firm AhnLab reported that Lockbit ransomware affiliates are distributing their malware via compromised Microsoft Exchange servers. ransomware. . ransomware. .

Ransomware 144

Ransomware Encryption Malware Hacking 144

Krebs on Security

JUNE 8, 2023

More alarmingly, the company said it appears attackers first started exploiting the flaw in October 2022. Because a ransomware actor doesn’t care about that level of access. If they’re going for data ransoming, they’re encrypting the data itself — not the machines.” They don’t need it.

Firmware 347

Firmware Malware Software Ransomware 347

Security Affairs

JULY 20, 2022

Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems. A notable example includes BlackCat and Hive.

Ransomware 144

Ransomware Encryption Malware Advertising 144

Security Affairs

JUNE 6, 2024

A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell script as a means of payload delivery and execution, this is the first time the technique was observed in the wild. The malware appends the “.locked”

Ransomware 137

Ransomware Encryption Backups Malware 137

Security Affairs

OCTOBER 19, 2022

Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. ” continues the report. ” .

Ransomware 142

Ransomware Encryption Engineering Cybercrime 142

Security Affairs

JANUARY 7, 2022

Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers from MalwareHunterteam first spotted a new ransomware family dubbed Night Sky that implements a double extortion model in attacks aimed at businesses. No sample seen yet.

Ransomware 145

Ransomware Encryption Hacking Internet 145

Malwarebytes

JUNE 6, 2022

Though the IBM researchers managed to undo the work of multiple ransomware variants, the panacea dream decryptor never materialized. Hope is not a strategy,” Piazza said at RSA Conference 2022, held in San Francisco in person for the first time in two years. Did it upload files anywhere? With some fine-tuning, Gdanski’s work paid off.

Encryption 131

Encryption Ransomware Engineering 131

Malwarebytes

JANUARY 11, 2024

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.

Ransomware 131

Ransomware Healthcare Encryption Technology 131

SecureList

MAY 11, 2023

Ransomware keeps making headlines. In 2022, Kaspersky solutions detected over 74.2M attempted ransomware attacks which was 20% more than in 2021 (61.7M). In 2022, Kaspersky solutions detected over 74.2M attempted ransomware attacks which was 20% more than in 2021 (61.7M). We named it RedAlert/N13V.

Ransomware 144

Ransomware Malware Architecture Telecommunications 144

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware 145

Ransomware Cryptocurrency Government Small Business 145

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. Encrypting sensitive data wherever possible.

Healthcare 306

Healthcare Backups Ransomware Insurance 306

Security Affairs

JUNE 10, 2022

The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has been active since at least January 2020. The ransomware encrypts files on the targeted systems using the “.cuba” The ransomware encrypts files on the targeted systems using the “.cuba”

Ransomware 144

Ransomware Malware Encryption Hacking 144

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. ” reads the announcement published by DoJ.

Ransomware 145

Ransomware Healthcare Cryptocurrency Encryption 145