BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack.
The RansomHub ransomware group added the American telecommunications company Frontier Communications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications.
Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine since May 2023. The Russia-linked APT group Sandworm (UAC-0165) compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported Ukraine’s Computer Emergency Response Team (CERT-UA).
has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot, a global menace that has infected millions of computers and is used to spread ransomware. 27, UHS shut down its computer systems at healthcare facilities across the United States in a bid to stop the spread of the malware.
Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.
We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure.
Category Awareness, News, Case Study As one of the world’s fastest-growing industries, telecommunication has become a highly vulnerable target for cybersecurity threats. In short, telecommunications (telecom) is a fundamental and critical component of our global infrastructure. Read more of the ACT
Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Wiper and ransomware, comparing wave 1 and wave 2. So, what’s new in this blogpost?
The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics and started using ransomware as its main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.
Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered WastedLocker ransomware.
A piece of the Ryuk ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut it down. The Spanish multinational security company Prosegur announced that it was the victim of a ransomware attack that disrupted its telecommunication platform.
The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. The gang also targeted the South American telecommunication providers Claro and Embratel.
Ransomware keeps making headlines. attempted ransomware attacks which was 20% more than in 2021 (61.7M). Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted.
Several Ukrainian organizations were hit by Russia-based RansomBoggs Ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs ransomware, against Ukrainian organizations. MSIL/Filecoder.RansomBoggs.A
First is the news about Hive Ransomware targeting the New York Racing Association (NYRA) on 30th of June this year that resulted in disruption of IT services, including the website. Hackers are seen using this malware to exploit browsers leading to advertising and affiliate frauds. Last is the news about the Russian-Ukraine war.
Ukrainian police arrested members of a ransomware gang that targeted at least 50 companies in the U.S. Ukrainian police arrested members of a ransomware affiliate group that is responsible for attacking at least 50 companies in the U.S. The gang was distributing the LockerGoga and MegaCortex ransomware families. and Europe.
Newcomer ransomware group RansomedVC claims to have successfully compromised the computer systems of entertainment giant Sony. As ransomware gangs do, it made the announcement on its dark web website, where it sells data that it's stolen from victims' computer networks. How to avoid ransomware Block common forms of entry.
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. net” and “ett[.]hopto[.]org”
Security researchers at Cyble reported that Nefilim ransomware operators allegedly targeted the mobile network operator Orange. Researchers from Cyble came across a post by Nefilim ransomware operators who claimed to have stolen sensitive data of Orange S.A.
The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware; the incident impacted reservation systems. Boyne Resorts was the victim of a WastedLocker ransomware attack; the incident has impacted reservation systems. This group has been active since at least 2007, in December 2019, the U.S.
The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. In September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.
If you thought Windows 11 machines were safe from ransomware, think twice before concluding so. Information is out that those spreading Magniber ransomware are after Windows 11 machines and have targeted around a hundred by now.
As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in the security community. Yet, much of the media attention ransomware gets is focused on chronicling which companies fall prey to it. Part I: Three preconceived ideas about ransomware.
The Raspberry Robin worm attacks are aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.
Lapsus$: The New Name in Ransomware Gangs. According to The Record, the largest media conglomerate in Portugal, Impresa, was a target of the Lapsus$ ransomware over the New Year holiday break. Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. brooke.crothers.
Maze ransomware operators claim to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.”
Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.
This bypasses security barriers entirely, giving adversaries a direct path to infiltrate networks, steal data, and deploy ransomware undetected. Notably, 64% of VPN vulnerabilities are directly linked to ransomware campaigns, demonstrating how cybercriminals quickly monetize stolen credentials for profit.
Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. ” Zloader is a banking malware that has been active at least since 2016, it borrows some functions from the notorious Zeus 2.0.8.9
Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.
Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. ” reads the 8-K form filed by the company with the SEC.
The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.
The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware gangs operating within their countries. G7 member states have called on Russia and other states to dismantle operations of ransomware gangs operating within their countries.
On Sunday, a ransomware attack hit the Hospital Clinic de Barcelona, one of the main hospitals of the Catalan city. A local cybersecurity agency revealed that the attack was launched by a ransomware group known as Ransom House. At this time the ransomware gang behind the attack has yet to demand the payment of a ransom.
Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. The campaign shares victimology with recent operations conducted by Russia-linked threat actors.
Costa Rican Social Security Fund, Costa Rica’s public health service, was hit by a Hive ransomware attack. Costa Rican Social Security Fund, Costa Rica’s public health service (aka CCCS), was hit today by a Hive ransomware attack, BleepingComputer reported. The attack occurred early this morning, Tuesday, May 31, 2022.
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group broadcast television company. TV stations owned by the Sinclair Broadcast Group went down over the weekend officially due to technical issues, but some media [1, 2] reported that it was a victim of a ransomware attack.
New York Times source code compromised via exposed GitHub token; SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform; Pandabuy was extorted twice by the same threat actor; UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces; Chinese threat actor exploits old ThinkPHP flaws since October 2023; A new Linux (..)
The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.
QakBot threat actors are still operational after the August takedown; Ransomware attack on MGM Resorts costs $110 Million; Cybersecurity, why a hotline number could be important? Every week the best security articles from Security Affairs are free for you in your email box.
Threat Actor Update: Iranian State Sponsored APT Conducts Cyber Espionage and Ransomware Activities. MuddyWater has been observed conducting cyber espionage and other cyber activities targeting telecommunication, defense, government, oil and natural gas in Asia, Europe, and North America since approximately 2018 [1].
This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. Ransomware group Conti chimes in shortly after the invasion, vowing to attack anyone who tries to stand in Mother Russia’s way. Uber blames LAPSUS$ for the intrusion.