IT Governance

DECEMBER 1, 2021

With one month left in 2021, the annual total running total of compromised records is to just shy of 5 billion. Ransomware. Ransomware. In November, we discovered 81 publicly disclosed cyber security incidents, accounting for 223,615,390 breached records. Cyber attacks. Data breaches. Financial information. In other news….

Data breaches 141

Data breaches Ransomware Computer and Electronics Healthcare 141

IT Governance

JANUARY 10, 2022

For many, 2021 was a year to forget. The cyber security landscape offered similarly familiar topics: there were huge data breaches at Facebook and LinkedIn, while the threat of ransomware reached catastrophic levels. 2021 got off to an inauspicious start when cyber security researchers reported a huge leak of Brazilian residents’ data.

Security 115

Security Data breaches Ransomware Phishing 115

Security Affairs

DECEMBER 17, 2021

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. ” reads the analysis published by AdvIntel. .

Ransomware 126

Ransomware Energy and Utilities IT Libraries 126

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware 101

Ransomware Encryption Government Retail 101

IT Governance

SEPTEMBER 1, 2021

Ransomware. Ransomware. Isle of Wight schools hit by ransomware (unknown) Lazio region suspends vaccination reservations after ransomware attack (unknown) Coghlin Electrical Co. You can that incident, along with our full list of cyber attacks and data breaches, below – with those affecting UK organisations listed in bold.

Data breaches 140

Data breaches Ransomware Insurance Data migration 140

Security Affairs

FEBRUARY 14, 2022

The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening edition of 24UR daily news show. The post Alleged ransomware attack disrupted operations at Slovenia’s Pop TV station appeared first on Security Affairs. ” Source Broadbandtvnews. .

Ransomware 88

Ransomware Libraries Security IT 88

Security Affairs

DECEMBER 16, 2021

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library.

Libraries 135

Libraries Ransomware Access Security 135

eSecurity Planet

DECEMBER 15, 2021

Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds of millions of devices was made public late last week. 11 as a malicious.NET binary file.

Ransomware 128

Ransomware Cybersecurity Access Libraries 128

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 99

Ransomware Access Encryption Manufacturing 99

Security Affairs

JUNE 22, 2021

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers.

Ransomware 106

Ransomware Encryption Passwords Cloud 106

Data Protection Report

DECEMBER 13, 2021

On December 9, 2021 a critical vulnerability (CVE-2021-44228) was reported within the Apache Log4j Java logging framework. Exploited systems are at risk for ransomware, data exfiltration, cryptomining, and other malicious activities perpetrated by criminal organizations and nation-state actors.

Libraries 59

Libraries Ransomware Cloud Risk 59

Security Affairs

DECEMBER 18, 2021

Multiple flaws in the Log4J library are scaring organizations worldwide while threat actors are already exploiting them. While the experts were warning that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library a third security vulnerability made the headlines.

Libraries 144

Libraries Security Ransomware IT 144

Security Affairs

MARCH 28, 2024

In 2023, the researchers observed a surge in zero-day vulnerabilities in third-party components and libraries that can impact all products that use them. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities. ” continues the report. ” concludes the report.

Government 114

Government Ransomware Libraries Access 114

Security Affairs

JANUARY 22, 2022

Recently Microsoft posted a warning about a new campaign from a China-based actor it tracks as DEV-0401 to exploit the Log4Shell vulnerability on VMware Horizon systems exposed on the internet, and deploy Night Sky ransomware. Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105. .

Cybersecurity 98

Cybersecurity Ransomware Libraries Risk 98

Security Affairs

JANUARY 2, 2022

If you want to also receive for free the newsletter with the international press subscribe here. If you want to also receive for free the newsletter with the international press subscribe here.

Security 95

Security Ransomware Libraries Data breaches 95

IT Governance

JUNE 1, 2023

You can find the full list below, divided into four categories: cyber attacks, ransomware, data breaches, and malicious insiders and miscellaneous incidents. IT Governance found 98 publicly disclosed security incidents in May 2023, accounting for 98,226,877 breached records. million) Apria Healthcare suffers security breach (1.8

Data breaches 98

Data breaches Ransomware Insurance Personal data 98

Security Affairs

JANUARY 26, 2022

This month, the Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The virtualization giant urges customers to examine VMSA-2021-0028 and apply the guidance for Horizon. ” reads the guidance.

Ransomware 97

Ransomware Libraries Risk Access 97

IT Governance

JUNE 1, 2022

Ransomware. Ransomware. In other news… Google fights doxxing with updated personal info removal policy Mozilla finds mental health apps fail ‘spectacularly’ at user security, data policies Conti ransomware shuts down operation, rebrands into smaller units GoodWill Ransomware demands food for the poor to decrypt locked files.

Data breaches 126

Data breaches Ransomware Phishing Education 126

Security Affairs

DECEMBER 16, 2021

Microsoft researchers reported that Nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) in the Log4J library in their campaigns. Microsoft also confirmed that the exploitation of the Log4Shell to deploy the Khonsari ransomware , as discussed by Bitdefender recently.

Ransomware 89

Ransomware Libraries Access Security 89

Security Affairs

JANUARY 7, 2022

.” Once installed a web shell, threat actors can use it to carry out a broad range of malicious activities, such as deploying data exfiltration or deployment of ransomware. The ransomware group used the exploit to target internal devices that are not protected. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 94

Ransomware Libraries Access Security 94

Security Affairs

JANUARY 29, 2023

Gootkit has been known to use fileless techniques to deliver threats such as the SunCrypt , and REvil (Sodinokibi) ransomware, Kronos trojans, and Cobalt Strike. This is a trojanized JavaScript library containing an obfuscated JScript file, which will ultimately execute GOOTLOADER.POWERSHELL. The user opens the ZIP file and clicks the.JS

Libraries 91

Libraries Archiving Ransomware IT 91

eSecurity Planet

DECEMBER 10, 2021

The bug, tracked as CVE-2021-44228 , is a zero-day vulnerability that allows unauthenticated remote code execution (RCE) that could give attacks control of the systems the software is running in. Also read: Top Vulnerability Management Tools for 2021. Also read: Best Patch Management Software for 2021. ” The Logj4 tweet.

Risk 135

Risk Libraries Cybersecurity Honeypots 135

Security Affairs

FEBRUARY 7, 2021

Hackers abuse Plex Media servers for DDoS amplification attacks TeamTNT group uses Hildegard Malware to target Kubernetes Systems Experts found critical flaws in Realtek Wi-Fi Module Packaging giant WestRock is still working to resume after recent Ransomware Attack Watch out! The Great Suspender Chrome extension contains Malware.

Security 70

Security Ransomware Encryption Libraries 70

Security Affairs

JULY 29, 2022

The malware was first spotted in September 2021, the experts observed Raspberry Robin targeting organizations in the technology and manufacturing industries. “The DEV-0206-associated FakeUpdates activity on affected systems has since led to follow-on actions resembling DEV-0243 pre-ransomware behavior.”

Manufacturing 109

Manufacturing Libraries Access Communications 109

Security Affairs

OCTOBER 23, 2022

15 Mysterious Prestige ransomware targets organizations in Ukraine and Poland Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug. Follow me on Twitter: @securityaffairs and Facebook.

Security 69

Security Data breaches Ransomware Retail 69

Security Affairs

MARCH 16, 2023

. “Actors were then able to upload malicious dynamic-link library (DLL) files (some masqueraded as portable network graphics [PNG] files) to the C:WindowsTemp directory.” The flaw was also used in the past by the NetWalker ransomware gang in its operations. v1 Telerik Vulnerability in U.S.

Libraries 87

Libraries Government Ransomware Cybersecurity 87

Security Affairs

SEPTEMBER 5, 2021

SEC warns of investment scams related to Hurricane Ida Apple will delay the rollout of new child pornography protection tools FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads Source code for the Babuk is available on a hacking forum USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw Conti ransomware (..)

Security 58

Security Agriculture Ransomware Libraries 58

eSecurity Planet

OCTOBER 9, 2023

Ransomware gangs exploited a recently patched vulnerability in JetBrains’ TeamCity server, while Exim mail servers grappled with multiple zero-days, including remote control execution (RCE) issues. Among the issues in the last week, Android and Arm faced actively exploited vulnerabilities in GPU drivers. published on August 28, 2023.

Libraries 104

Libraries Ransomware Access Security 104

Security Affairs

DECEMBER 12, 2021

Is it a ransomware attack? Australian ACSC warns of Conti ransomware attacks against local orgs A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants 1.6 If you want to also receive for free the newsletter with the international press subscribe here.

Energy and Utilities 62

Energy and Utilities Security Ransomware Libraries 62

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The worm was attributed by IBM to the cybercrime gang Evil Corp , however, it is used by multiple threat actors to deliver malicious payloads such as the Clop ransomware.

Government 94

Government Communications Ransomware Manufacturing 94

IT Governance

DECEMBER 16, 2021

Log4Shell is a remote code execution exploit that’s found in versions of log4j, the popular open-source Java logging library. The vulnerability is tracked as CVE-2021-44228 and has been given the maximum 10.0 But just how concerned should you be and is there anything you can do to protect yourself? What is Log4Shell? severity rating.

Libraries 105

Libraries Personal data Ransomware Security 105

Security Affairs

FEBRUARY 18, 2023

” According to the company, the attack is part of a multi-year campaign that was the cause of the data breaches disclosed in November 2021, which impacted 1.2 million customers , and March 2020, which exposed data of 28,000 customers. ” concludes the company.

Data breaches 92

Data breaches Military Manufacturing Libraries 92

Security Affairs

JULY 1, 2021

While not highly sensitive, the data could still be used by threat actors to stage attacks against US business owners who the threat actors might see as being more affluent and potentially vulnerable to phishing and ransomware attacks. Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. “Our

Data breaches 94

Data breaches Sales Data collection Libraries 94

Security Affairs

DECEMBER 24, 2022

The malware was first spotted in September 2021, the experts observed it targeting organizations in the technology and manufacturing industries. The worm was attributed by IBM to the cybercrime gang Evil Corp , however, it is used by multiple threat actors to deliver malicious payloads such as the Clop ransomware.

Government 52

Government Communications Ransomware Manufacturing 52

Security Affairs

OCTOBER 9, 2021

To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records. With that said, exposed configuration files can serve as quick infiltration shortcuts for ransomware groups that could take a company’s servers and data hostage.

IoT 116

IoT Access Ransomware Education 116

IBM Big Data Hub

SEPTEMBER 1, 2023

Common types of malware include: Ransomware locks a victim’s data or device and threatens to keep it locked, or leak it publicly, unless the victim pays a ransom to the attacker. According to the IBM Security X-Force Threat Intelligence Index 2023 , ransomware attacks represented 17 percent of all cyberattacks in 2022. .

Phishing 107

Phishing Passwords IoT Cybersecurity 107

Security Affairs

FEBRUARY 10, 2022

Regsvr32 is a Microsoft-signed command line utility in Windows which allows users to register and unregister DLLs (Dynamic Link Library). Figure 2: Timeline from March 2021 – January 2022. SecurityAffairs – hacking, REvil ransomware). This blog details the use of regsvr32.exe Regsvr32 Utility and Squiblydoo Technique.

Libraries 96

Libraries Ransomware Security IT 96