Security Affairs

FEBRUARY 19, 2019

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Trend of malicious JavaScript downloading Shade ransomware (source: ESET).

Ransomware 77

Ransomware Mining File names Encryption 77

eSecurity Planet

FEBRUARY 26, 2024

February 21, 2024 5 Vulnerabilities Impact Joomla CMS Type of vulnerability: Mail address escaping, XSS, and remote code execution. Furthermore, threat actors use the authentication bypass issue to spread LockBit ransomware on infiltrated networks, specifically targeting vulnerable ScreenConnect servers. and iPadOS 17.3.

Risk 106

Risk Authentication Systems administration Ransomware 106

Security Affairs

APRIL 2, 2019

Hacked websites were used for several malicious purposes, experts observed compromised WordPress and Joomla websites serving Shade /Troldesh ransomware, coin miners, backdoors, and some times were involved in phishing campaigns. jpg are EXE files that are the Shade ransomware. jpg are EXE files that are the Shade ransomware.

CMS 111

CMS Phishing Ransomware File names 111

Security Affairs

MARCH 1, 2021

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. The framework was improved to deploy a wider range of malware, including ransomware payloads. ” reads the analysis published by researchers Gabor Szappanos and Andrew Brandt from Sophos.

Search queries 114

Search queries CMS Ransomware File names 114

Security Affairs

JANUARY 17, 2022

Unlike other disinformation campaigns, GhostWriter doesn’t spread through social networks, instead, threat actors behind this campaign abused compromised content management systems (CMS) of news websites or spoofed email accounts to disseminate fake news.

CMS 101

CMS Encryption Government Personal data 101

IT Governance

NOVEMBER 20, 2023

a property management company in Kentucky Incident details: The ransomware group Hunters International has added Homeland, Inc. Incident details: SEI, an online payment service provider, has notified customers that its systems has been accessed by an unknown individual who copied an encrypted database. to its leak site.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Security Affairs

DECEMBER 17, 2019

The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. The command and control protocol uses TLS and RC4 double-layer encryption, Dacls uses AES to encrypt configuration file and supports C2 instruction dynamic update.

CMS 83

CMS File names Encryption Access 83