Security Affairs

DECEMBER 17, 2024

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called HiatusRAT that infected over 100 edge networking devices globally. Starting in mid-June through August 2023, Black Lotus Labs observed multiple newly compiled versions of the HiatusRAT malware discovered in the wild.

Architecture 107

Architecture Internet Internet Malware 107

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare 118

Healthcare Ransomware Identity Theft Data breaches 118

Malwarebytes

DECEMBER 2, 2024

In 2023, ThreatDown discovered that, unlike other ransomware gangs that demanded up to $1 million or more from each victim , Phobos operators demanded an average of $1,719 from victims, with a median demand of just $300. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers.

Ransomware 123

Ransomware Backups Small Business Malware 123

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

Malwarebytes

FEBRUARY 14, 2024

In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. There were about 4,500 known ransomware attacks in 2023, although the true figure is probably twice that.

Ransomware 95

Ransomware Cybercrime Backups Malware 95

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 280

Ransomware Accountability Cybercrime Backups 280

Security Affairs

FEBRUARY 11, 2025

Source Nation Thailand The gang compromised at least 17 Swiss companies using the Phobos ransomware between April 2023 and October 2024. In November 2023, Cisco Talos researchers observed 8Base ransomware operators using a new variant of the Phobos ransomware. Disable system recovery, backup and shadow copies and the Windows firewall.

Ransomware 71

Ransomware Encryption Backups Malware 71

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. They also explained that organizations can protect against the destruction of backups taking offline backups.

Ransomware 135

Ransomware Backups VPN Authentication 135

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. Threat actors are wiping NAS and backup devices. They also explained that organizations can protect against the destruction of backups taking offline backups.

Ransomware 122

Ransomware Backups VPN Authentication 122

Javvad Malik

JULY 5, 2024

Oliver’s story brings into sharp focus the real-world consequences of cybercrime – the stress, the uncertainty, and the potential health complications that can arise from delayed medical procedures. IBM’s 2023 Cost of a Data Breach Report showed the global average cost of a data breach reached $4.45

Healthcare 208

Healthcare Data breaches Cybersecurity Cybercrime 208

Security Affairs

NOVEMBER 8, 2023

As of July 2023, the FBI observed ransomware operators exploiting vulnerabilities in vendor-controlled remote access to casino servers, and companies that were compromised through legitimate system management tools to elevate network permissions. . ” reported the PIN.

Ransomware 138

Ransomware Backups Encryption Phishing 138

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 142

Ransomware Hacking Healthcare Retail 142

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 269

Cybercrime Banking Computers and Electronics DDOS 269

Malwarebytes

SEPTEMBER 19, 2023

In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations (FBI), apprehended two suspects and seized computer equipment. Create offsite, offline backups. Don’t get attacked twice.

Ransomware 137

Ransomware Backups Cryptocurrency Cybercrime 137

SecureWorld News

JANUARY 19, 2023

The exclusive webcast covers: • What's happening in the ransomware realm right now • Three tips from the cybercriminals themselves • Conti cybercrime group insights Register to view the webcast on-demand at your convenience and earn 1 CPE credit in the process. It will be available for viewing through August 2023.

Hacking 108

Hacking Backups Ransomware Retail 108

Krebs on Security

DECEMBER 29, 2022

I will also continue to post on LinkedIn about new stories in 2023. Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground.

Cryptocurrency 295

Cryptocurrency Cybercrime Computers and Electronics Scams 295

Security Affairs

MAY 9, 2024

Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. “If reads the advisory published by Ivanti.

Authentication 134

Authentication Backups Cyber threats Malware 134

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 69

Spyware Firewall Artificial Intelligence Malware 69

Security Affairs

SEPTEMBER 1, 2023

The Key Group ransomware gang has been active since at least January 2023. EclecticIQ researchers reported that since June 29, 2023, the ransomware group is likely using the NjRAT RAT to remotely access victim devices. EclecticIQ researchers believe that the financially-motivated gang is primarily Russian speaking.

Ransomware 128

Ransomware Encryption Backups Malware 128

Security Affairs

NOVEMBER 13, 2023

The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the initial deadline (02 Nov, 2023 13:25:39 UTC, later postponed to 10 Nov, 2023). The attack targeted elements of the parts and distribution business run by its global services division.

Ransomware 136

Ransomware Authentication Backups Manufacturing 136

Security Affairs

JUNE 17, 2023

Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 98

Data breaches DDOS Backups Firewall 98

SecureWorld News

FEBRUARY 28, 2024

By co-opting the ransomware group's own communication channels, police aimed to sow doubts in the cybercrime community reliant on LockBit's tools and services. However, it claimed critical systems like ransom payment tracking remained unaffected due to backups. Nonetheless.

Cybercrime 108

Cybercrime Ransomware Backups Encryption 108

SecureList

MAY 8, 2024

Ransomware landscape: rise in targeted groups and attacks Kaspersky collected data on targeted ransomware groups and their attacks from multiple relevant public sources, for the years 2022 and 2023, filtered and validated it. In the graph below, you can see the ransomware families that were most active in 2023.

Ransomware 130

Ransomware Encryption Small Business Cybersecurity 130

Security Affairs

MARCH 13, 2025

Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems. Encryption is executed using gaze.exe , which disables security tools, deletes backups, and encrypts files with AES-256 before dropping a ransom note.

Ransomware 69

Ransomware Encryption Cryptocurrency Insurance 69

Security Affairs

NOVEMBER 19, 2023

The experts observed a massive spike in activity associated with this threat actor between May and June 2023. Security experts attributed 67 attacks to the group in May 2023, most of the victims are in the U.S. Disable system recovery, backup and shadow copies and the Windows firewall. and Brazil.

Ransomware 140

Ransomware Encryption Backups Malware 140

Malwarebytes

OCTOBER 11, 2023

Antivirus software—or more correctly, its modern descendents endpoint security and Endpoint Detection and Response (EDR)—are essential tools in the battle against cybercrime. It was attacked on September 22, 2023. Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers.

Antivirus 122

Antivirus Insurance Ransomware Healthcare 122

Security Affairs

MARCH 12, 2023

This week a threat actor, who goes online with the moniker “kernelware”, claimed the theft of data from technology firm Acronis and started leaking it on the cybercrime forum Breached Forums. The CISO of Acronis downplayed a recent intrusion, revealing that only one customer was impacted. Updates to follow as needed.

Accountability 98

Accountability Backups Cybercrime CISO 98

Security Affairs

MARCH 26, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 98

Data breaches DDOS Backups Ransomware 98

Thales Cloud Protection & Licensing

NOVEMBER 13, 2023

Defending Financial Services Against Fraud in a Shifting Cyber Landscape sparsh Tue, 11/14/2023 - 05:05 As we approach International Fraud Awareness Week during 12-18 November 2023, taking stock of the evolving threat landscape and the vulnerabilities that financial services organizations face is crucial. billion annually.

Financial Services 104

Financial Services Encryption Cybercrime Threat Reports 104

Security Affairs

JANUARY 24, 2024

Threat actors are wiping NAS and backup devices. Akira ransomware infections were first reported in Finland in June 2023, however, in December the number of attacks increased. The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices.

Ransomware 138

Ransomware VPN Government Retail 138

Security Affairs

JULY 2, 2023

Illicit Telegram Communities Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant Malware Trojanized Super Mario Game Installer Spreads SupremeBot Malware Initial research exposing JOKERSPY Who is 8BASE?

Hacking 98

Hacking Ransomware Cybercrime Malware 98

Malwarebytes

MARCH 3, 2023

The attack began on February 14, 2023, and required Pierce Transit to implement temporary workarounds, to maintain the service of the transit system which transports around 18,000 people every day. Ransomware-as-a-service is the most lucrative and dangerous form of cybercrime. Create offsite, offline backups.

Ransomware 95

Ransomware Backups Cybercrime Malware 95

Security Affairs

OCTOBER 15, 2023

The group claims to have stolen 5TB of patients’ and employee’s information, backups, PII documents, and more. 2/2 [link] — Brett Callow (@BrettCallow) October 13, 2023 In September, the LockBit ransomware group breached two hospitals , the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York.

Ransomware 143

Ransomware Healthcare Data breaches Cyber Attacks 143

Security Affairs

MAY 8, 2023

reads the status page of the company on April 2, 2023. “We On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. We expect to restore access the week of May 15, 2023.” Industry Experts can explain to the public what a full backup entails.”

Data breaches 98

Data breaches Backups Ransomware Network Security 98

Webroot

OCTOBER 4, 2024

So how do we protect ourselves from this type of cybercrime? Backup your devices regularly using solutions like Carbonite. Last year, there were a record number of ransomware attacks impacting consumer data at high-profile organizations such as Bank of America , Rite Aid , and MGM Resorts. Use multi-factor authentication.

Malware 105

Malware Backups Adware Ransomware 105

Malwarebytes

MAY 24, 2023

On Friday May 19, 2023, the German arms producer Rheinmetall acknowledged a cyber-incident at one of it’s subsidiaries in the private sector. A spokesman for the Central and Contact Point Cybercrime (ZAC NRW) at the Cologne public prosecutor's office confirmed corresponding knowledge of an incident in the early evening.

Ransomware 97

Ransomware Backups Manufacturing Encryption 97