Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption 137

Encryption Ransomware Energy and Utilities Advertising 137

Security Affairs

JUNE 8, 2021

Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications. The FBI and Australian Federal Police (AFP) ran an encrypted chat platform that was used by crime gangs and intercepted their communications.

Encryption 135

Encryption Cryptocurrency Cybercrime Advertising 135

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. ” reads the post published by the company. Pierluigi Paganini.

Encryption 109

Encryption Advertising Accountability Hacking 109

Security Affairs

JULY 29, 2021

ransomware is now able to encrypt Windows domains by using Active Directory group policies. ransomware that encrypts Windows domains by using Active Directory group policies. After ransomware ads were banned on hacking forum, the LockBit operators set up their own leak site promoting the latest variant and advertising the LockBit 2.0

Encryption 145

Encryption Ransomware Malware Hacking 145

Security Affairs

FEBRUARY 17, 2020

Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption 113

Encryption VPN Government Internet 113

Security Affairs

FEBRUARY 26, 2020

This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication.” ” Experts pointed out that the vulnerability does not reside in the Wi-Fi encryption protocol, instead, the issue is related to the way some chips implemented the encryption.

Encryption 112

Encryption Wireless Manufacturing Advertising 112

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 345

Cybercrime VPN Malware Ransomware 345

Security Affairs

MARCH 13, 2025

Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption. Encryption is executed using gaze.exe , which disables security tools, deletes backups, and encrypts files with AES-256 before dropping a ransom note.

Ransomware 66

Ransomware Encryption Cryptocurrency Insurance 66

Krebs on Security

NOVEMBER 21, 2018

The API in question was tied to a Postal Service initiative called “ Informed Visibility ,” which according to the USPS is designed to let businesses, advertisers and other bulk mail senders “make better business decisions by providing them with access to near real-time tracking data” about mail campaigns and packages.

Accountability 277

Accountability Authentication Identity Theft Advertising 277

Security Affairs

MARCH 2, 2025

3 cyberattack led to unauthorized access, file withdrawals, and encryption of critical applications. “Preliminary investigations indicate that threat actors unlawfully accessed the Companys network, encrypted critical applications, and exfiltrated certain files. The company reported to the SEC that a Feb.

Ransomware 77

Ransomware Cybercrime Encryption Healthcare 77

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. ” reported BleepingComputer. Pierluigi Paganini.

Ransomware 139

Ransomware Encryption Advertising Malware 139

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. According to BleepingComputer, which cited a source informed on the event, Tyler Technologies paid a ransom of an unspecified amount to receive the decryption key and recover encrypted files.

Technology 145

Technology Ransomware Encryption Advertising 145

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 145

Ransomware Cyber Insurance Insurance Advertising 145

Security Affairs

JUNE 6, 2020

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. encrypt extension to filenames of encrypted files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware 142

Ransomware Encryption Advertising Manufacturing 142

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware 142

Ransomware Encryption Malware Advertising 142

Security Affairs

DECEMBER 2, 2019

The malicious code executes a small program, just before starting the encryption process, to disable security tools running on the infected systems that could detect its operations. These are encrypted under the suffix. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Advertising Malware 144

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to the popular malware researchers Michael Gillespie , the Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key. Pierluigi Paganini.

Ransomware 142

Ransomware Encryption Advertising Engineering 142

Security Affairs

APRIL 9, 2020

million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. “As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data.

Ransomware 144

Ransomware Encryption Advertising Backups 144

Security Affairs

OCTOBER 31, 2020

The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking 145

Hacking Ransomware Advertising Encryption 145

Security Affairs

OCTOBER 15, 2020

The department received an email from the threat actors that notifies it that they had encrypted its servers and demanded the payment of a ransom to release them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 132

Advertising Encryption Hacking Information Security 132

Security Affairs

OCTOBER 11, 2020

The actors behind FONIX RaaS advertised several products on various cybercrime forums. Experts believe that However the FONIX RaaS can quickly become rampant if security firms and authorities underestimate it. The FONIX ransomware only targets Windows systems, by default it encrypts all file types, excluding critical Windows OS files.

Ransomware 131

Ransomware Encryption Advertising DDOS 131

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. ” reads the analysis published by Sophos. .

Ransomware 145

Ransomware Encryption Advertising Malware 145

Security Affairs

SEPTEMBER 10, 2020

To avoid detection of malicious functionalities, the authors encrypted all suspicious-looking strings with the Corrected Block TEA (XXTEA) cipher and then running Base64 encoding. “Interestingly, the password from the configuration file is stored encrypted. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 145

Malware Encryption Advertising Passwords 145

Security Affairs

OCTOBER 5, 2020

The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that that moves around. .”

IoT 145

IoT Firmware Advertising DNS 145

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible,” reads a statement published by the UCSF.

Ransomware 141

Ransomware Encryption Advertising Malware 141

Security Affairs

MAY 27, 2020

The malicious code adds the “ fuckunicornhtrhrtjrjy” extensions to names of encrypted files. The good news for the victims is that CERT-AgID discovered that the password for encrypting the files is sent in clear text to the attacker, this means that it can be retrieved from the network traffic. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Advertising Malware 144

Security Affairs

APRIL 1, 2020

In malspam attacks, attackers could encrypt the Excel file by setting up a password, then when the victims receive the email, hackers trick them into opening the attachment using a password included in the content of the message. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 131

Malware Passwords Encryption Advertising 131

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. The filename of the encrypted files will be changed to the attacker’s email address (i.e.

Ransomware 139

Ransomware Advertising Cryptocurrency Passwords 139

Security Affairs

AUGUST 2, 2020

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. Pierluigi Paganini.

Ransomware 145

Ransomware Encryption Advertising Software 145

Security Affairs

SEPTEMBER 29, 2020

The name AgeLocker comes from the use of the Actually Good Encryption ( AGE ) algorithm to encrypt files, experts warn that encrypted files can’t be recovered without paying the ransom to the ransomware operators. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June.

Firmware 145

Firmware Ransomware Encryption Advertising 145

Security Affairs

MAY 1, 2020

The hackers claim to have compromised the Banco BCR’s network in August 2019, and had the opportunity to exfiltrate its information before encrypting the files. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. ” reads a post published by Cyble. Pierluigi Paganini.

Ransomware 145

Ransomware Banking Cyber Insurance Advertising 145

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The availability of the master decryption key allows the victims to recover their encrypted files for free. Unfortunately, at the time of writing the RAR archive is not available.

Ransomware 143

Ransomware Encryption Malware Cybercrime 143

Security Affairs

OCTOBER 13, 2020

.” The firm confirmed that many of its systems were encrypted and it is not aware of unauthorized access to its client or firm data, “We have found no evidence that any of our client or firm data were accessed or removed.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 144

Ransomware Advertising Malware Encryption 144

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June. Pierluigi Paganini.

Encryption 132

Encryption Advertising Firmware Ransomware 132

Security Affairs

JANUARY 30, 2020

Electronic Warfare Associates p rovides electronic equipment to the US government, the list of customers includes the Department of Defense (DOD), the Department of Homeland Security (DHS), and the Department of Justice (DOJ). Evidence of the hack is still visible online because Google has cashed the ransom notes and encrypted files.

Ransomware 135

Ransomware Government Advertising Malware 135

Security Affairs

SEPTEMBER 20, 2020

The good news is that the RansomEXX ransom, unlike other families of ransomware, does not appear to exfiltrate data before encrypting target systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware 143

Ransomware Manufacturing Advertising Encryption 143

Security Affairs

MARCH 23, 2020

Upon the execution of the script, the executable is saved to %Temp%qeSw.exe and launched to start the encryption of the files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware 144

Ransomware Phishing Advertising Encryption 144