Malwarebytes

DECEMBER 2, 2024

The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world.

Ransomware 124

Ransomware Backups Small Business Malware 124

Krebs on Security

MAY 11, 2020

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The 35,000-employee company also produces point-of-sale systems and software used by many retailers. WEEKEND WARRIORS.

Ransomware 362

Ransomware Retail Malware Data breaches 362

Krebs on Security

SEPTEMBER 23, 2020

Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. Earlier today, the normal content on tylertech.com was replaced with a notice saying the site was offline. .”

Technology 358

Technology Ransomware Software Government 358

Webroot

OCTOBER 31, 2024

This year has seen ransomware groups adapt and innovate, pushing the boundaries of their malicious capabilities and evasiveness from law enforcement. In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks.

Malware 104

Malware Ransomware Passwords Healthcare 104

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company.

Ransomware 117

Ransomware Software Cybercrime Encryption 117

Schneier on Security

FEBRUARY 7, 2020

EKANS is a new ransomware that targets industrial control systems: But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems.

Ransomware 275

Ransomware Malware Encryption Software 275

Schneier on Security

JANUARY 10, 2023

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. “It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote.

Malware 65

Malware Encryption Cybercrime Passwords 65

Krebs on Security

MARCH 2, 2021

PrismHR , a company that sells technology used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack that is disrupting many of its services. “Prism is the only real option on the PEO software market,” he said.

Ransomware 337

Ransomware Small Business Insurance Software 337

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. The upshot? ” Meanwhile, the U.S.

Ransomware 328

Ransomware Accountability Cybercrime Malware 328

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime 230

Cybercrime Ransomware Cryptocurrency Government 230

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code.

Ransomware 354

Ransomware Encryption Backups Manufacturing 354

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare 338

Healthcare Ransomware Cybersecurity Malware 338

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 109

Ransomware IoT Encryption Social Engineering 109

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. Over the past 24 hours, the crooks responsible for spreading the ransom malware “REvil” (a.k.a. and Europe in early March.”

Ransomware 340

Ransomware Backups Encryption Internet 340

Digital Shadows

NOVEMBER 12, 2024

By containing a threat as quickly as possible, organizations drastically limit incident impact, preventing damaging consequences such as data exfiltration, malware deployment, lateral movement, and operational downtime. On average, companies in the construction industry contain a threat within about 5 hours.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 325

Healthcare Ransomware Antivirus Hacking 325

Troy Hunt

APRIL 26, 2021

Earlier this year, the FBI in partnership with the Dutch National High Technical Crimes Unit (NHTCU), German Federal Criminal Police Office (BKA) and other international law enforcement agencies brought down what Europol rereferred to as the world's most dangerous malware: Emotet. Keep operating systems and software patched.

Malware 357

Malware Passwords Banking Password Management 357

Security Boulevard

MARCH 17, 2025

A software programmer developed a way to use brute force to break the encryption of the notorious Akira ransomware using GPU compute power and enabling some victims of the Linux-focused variant of the malware to regain their encrypted data without having to pay a ransom.

Ransomware 80

Ransomware Encryption Malware Software 80

Security Affairs

MARCH 30, 2025

The Walmart-owned membership warehouse club chain Sams Club is investigating claims of a Cl0p ransomware security breach. This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. Victims include Petmate, and Simple Human.

Ransomware 79

Ransomware Data breaches Software Hacking 79

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Ransomware attacks on U.S. terabytes of data.

Ransomware 123

Ransomware Healthcare Antivirus Data breaches 123

Security Affairs

MARCH 1, 2025

Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs inattacks. The IT giant reported that one of these flaws is exploited by ransomware groups inzero-dayattacks. Microsoft reported that ransomware groups exploited CVE-2025-0289 to gain SYSTEM-level access.

Ransomware 115

Ransomware Software Hacking Cybercrime 115

Security Boulevard

FEBRUARY 14, 2025

A Chinese threat actor who targeted an Asian software company used the same toolset for the ransomware attack that was found in multiple cyberespionage incidents, leaving Symantec analysts to believe the hacker was a Chinese spy who used the malicious tools to earn some money on the side.

Ransomware 101

Ransomware Software Malware Cybersecurity 101

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. “Antivirus software trusts signed programs more. For some types of software, a digital signature is mandatory.”

Malware 301

Malware Cybercrime Software Accountability 301

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 69

Malware Social Engineering Antivirus Engineering 69

Krebs on Security

JULY 19, 2019

Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. based iNSYNQ specializes in providing cloud-based QuickBooks accounting software and services. Gig Harbor, Wash.-based

Ransomware 278

Ransomware Accountability Software Marketing 278

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam.

Backups 128

Backups VPN Ransomware Authentication 128

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 135

Malware Ransomware Banking Healthcare 135

The Last Watchdog

DECEMBER 20, 2021

Within the past year, we have seen a glut of ransomware attacks that made global news as they stymied the operations of many. In May, the infamous Colonial Pipeline ransomware attack disrupted nationwide fuel supply to most of the U.S. Malware, including ransomware, is a fast-growing criminal market.

Malware 256

Malware Phishing Technology Ransomware 256

SecureWorld News

OCTOBER 31, 2024

Vampire malware: draining systems dry This malware creeps in undetected, draining resources and stealing data in the dark. Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting.

IoT 117

IoT Phishing DDOS Backups 117

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. .” “Furthermore, no files other than the exfiltrated files were viewed or accessed.

Data breaches 292

Data breaches Banking Cybercrime Advertising 292

Security Boulevard

FEBRUARY 14, 2025

Malware, a contraction of malicious software, encompasses any intrusive program developed by cybercriminals to compromise data integrity, damage systems, or gain unauthorized access. This broad category includes viruses, ransomware, spyware, and trojans, among others. appeared first on Seceon Inc.

Malware 64

Malware Spyware Ransomware Software 64

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The victim shaming website for the Snatch ransomware gang. com and www-discord[.]com. the now-defunct pittsburghcitygirls[.]com).

Ransomware 312

Ransomware Internet Internet Phishing 312

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 271

Malware Antivirus Cybercrime Hacking 271

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. Unlike ransomware, which is deployed against large businesses that cybercriminals hope can pay hefty ransoms, info stealers can deliver illicit gains no matter the target. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 128

Malware Software Passwords Cryptocurrency 128

The Last Watchdog

JANUARY 20, 2022

Looking back, 2021 was a breakout year for ransomware around the globe, with ransoms spiking to unprecedented multi-million dollar amounts. Related: Colonial Pipeline attack ups ransomware ante. EDR systems are supposed to protect IT system endpoints against these very malware, ransomware, and other types of malicious code.

Ransomware 234

Ransomware Malware Data breaches Technology 234

Security Affairs

JANUARY 26, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 61

Malware Artificial Intelligence Ransomware Hacking 61

Krebs on Security

JUNE 8, 2023

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. “That’s not a ransomware actor, that’s a state actor. . Campbell, Calif.

Firmware 341

Firmware Malware Software Ransomware 341