Security Affairs

DECEMBER 22, 2022

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms.

Ransomware 134

Ransomware Encryption File names Education 134

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Holden’s team gained visibility into discussions among members of two different ransom groups: CLOP (a.k.a. “ Cl0p ” a.k.a. Last month, the U.S.

Ransomware 250

Ransomware Metadata Insurance Encryption 250

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 36 million records. Data breached: 6,935,412 individuals’ data. Data breached: 6.9 Only 3 definitely haven’t had data breached.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

The Last Watchdog

DECEMBER 14, 2023

Cryptographic inventories need finalizing and quantum safe encryption needs to be adopted for sensitive communications and data. Consumers will begin to see their favorite applications touting “quantum-secure encryption.” CISOs will have to get quantum resilient encryption on their cyber roadmap. Educate your workforce.

Cybersecurity 201

Cybersecurity Encryption Marketing Risk 201

IT Governance

MARCH 5, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 183,754,481 records. EasyPark data breach: 21.1 million data records belonging to EasyPark have been listed for sale on a hacking forum.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware 112

Ransomware Encryption Systems administration Cybersecurity 112

Security Affairs

AUGUST 22, 2023

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

Ransomware 95

Ransomware Education Encryption Authentication 95

IT Governance

APRIL 28, 2022

The Stormous ransomware gang announced earlier this week that it had hacked Coca-Cola and stolen 161 gigabytes of data. The group have put the information up for sale on the dark web, requesting just over $64,000 (about £51,000) in bitcoin. Either your systems have been crippled and you’ve received an extortion demand or you haven’t.

Ransomware 127

Ransomware Phishing Encryption Sales 127

Collibra

NOVEMBER 28, 2023

Reducing data security and privacy risks Deeper privacy insights with streamlined access to assessment data In this release, Collibra introduces a new API for Assessments that lets you quickly connect and access assessment data for deeper reporting and analytics. Privacy assessments are an integral part of any privacy program.

Risk 52

Risk Education Privacy Cloud 52

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. Data breached: >7,000,000 records. Data breached: 5,500,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Security Affairs

APRIL 24, 2021

Upon opening the attachment, ToxicEye installs itself on the victim’s device and performs some operations in background such as: stealing data deleting or transferring files killing processes on the PC hijacking the PC’s microphone and camera to record audio and video encrypting files for ransom purposes. ” concludes the report.

Communications 121

Communications File names Encryption Education 121

Security Affairs

MARCH 3, 2023

Unlike other ransomware operations, Royal doesn’t offer Ransomware-as-a-Service, it appears to be a private group without a network of affiliates. The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery. ” reads the alert. ” continues the alert.

Ransomware 96

Ransomware Encryption Cybersecurity Communications 96

IT Governance

JUNE 1, 2023

Welcome to our new-look list of data breaches and cyber attacks. So, each month, we’ll update this page with the latest figures and links, so be sure to bookmark it to keep an eye out for the latest data breach news. In August 2020, it was embroiled in a data breach affecting more than 800,000 EyeMed and Lenscrafters patients.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

Security Affairs

MAY 4, 2023

The City is investigating the scope of the incident with the help of law enforcement, at this time has yet to disclose details on the incident, including the ransomware family that hit its systems and if there is a data breach. However, CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems.

Ransomware 97

Ransomware IT Encryption Education 97

Security Affairs

JUNE 3, 2023

The Royal ransomware is written in C++, it infected Windows systems and deletes all Volume Shadow Copies to prevent data recovery. According to government experts, the Royal ransomware attacks targeted numerous critical infrastructure sectors including, manufacturing, communications, healthcare and public healthcare (HPH), and education.

Ransomware 98

Ransomware Encryption File names Cybersecurity 98

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample.

Manufacturing 128

Manufacturing Education Encryption IT 128

Security Affairs

FEBRUARY 20, 2024

Lockbit ransomware group administrative staff has confirmed with us their websites have been seized. pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.

Energy and Utilities 108

Energy and Utilities Ransomware Manufacturing Agriculture 108

IT Governance

MAY 2, 2023

Welcome to our April 2023 list of data breaches and cyber attacks. You can find the full list of data breaches and cyber attacks below, along with our rundown of the biggest incidents of the month. Biggest data breaches of April 2023 1. million people.

Data breaches 105

Data breaches Ransomware Personal data Access 105

Security Affairs

MAY 21, 2020

Meal delivery service Home Chef has disclosed a data breach that exposed its customer information. In early May, Shiny Hunters hacking group started offering for sale the databases containing tens of millions from user records from over 11 companies. At the time, the Shiny Hunters were offering more than 8 million records for $2500.

Data breaches 96

Data breaches Passwords Sales Education 96

Security Affairs

FEBRUARY 21, 2024

. “The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or conviction of any individual participating in a LockBit ransomware variant attack and for information leading to the identification and/or location of any key leaders of the LockBit ransomware group.”

Energy and Utilities 96

Energy and Utilities Ransomware Agriculture Manufacturing 96

IT Governance

OCTOBER 23, 2023

Specifically, companies are increasingly asking me about how to secure their data and infrastructure while continuing to be able to work remotely. Actually, it’ll be at its most secure if it’s set to use AES (Advanced Encryption Standard) encryption instead of the weaker Blowfish encryption.

Encryption 106

Encryption Authentication Access Security 106

Thales Cloud Protection & Licensing

MARCH 23, 2022

The 2022 Thales Data Threat Report, based on data from a survey of almost 2,800 respondents from 17 countries across the globe, illustrates these trends and changes. 19% of respondents cited attackers with geopolitical goals, such as nation-state affiliated groups, followed by external attackers with financial motivations (17%).

Risk 126

Risk Security Encryption Ransomware 126

The Last Watchdog

NOVEMBER 12, 2023

It’s important that as consumers are shopping for these smart home devices that they learn to recognize the Matter trademark so that they can make educated decisions.” Matter works much the way website authentication and website traffic encryption gets executed. We’re also moving on smart commercial buildings.

Security 229

Security Manufacturing Authentication Marketing 229

The Last Watchdog

SEPTEMBER 7, 2022

This gives the perpetrator the access needed to launch the ransomware and lock the company out of its own infrastructure or encrypt files until the ransom is paid in cryptocurrency. They can refuse to pay the ransom and have criminals release sensitive data. Victims have two equally unattractive choices to resolve the situation.

Ransomware 124

Ransomware Education Phishing Financial Services 124

Security Affairs

MAY 7, 2021

Hancitor became another commodity malware which partnered with ransomware gangs to help them gain initial access to target networks – the increasing trend outlined by Group-IB researchers in the recent Ransomware Uncovered 2020/2021 report. Downloaded data is decrypted, decompressed and injected to newly started svchost.exe process.

Ransomware 118

Ransomware Education Manufacturing Healthcare 118

IT Governance

NOVEMBER 24, 2022

For example, if a criminal hacker stole payment card data, they could make bogus payments on victims’ cards for goods or services. The malicious software encrypts victims’ systems and forces them to pay money in return for the safe return of the data. Then came the rise in ransomware. Examples of cyber extortion.

IT 130

IT Ransomware Encryption Phishing 130

Hunton Privacy

AUGUST 28, 2013

On August 28, 2013, on the UK Information Commissioner’s Office’s (“ICO’s”) blog, Simon Rice, Technology Group Manager for the ICO, discussed the importance of encryption as a data security measure. Selecting the Correct Encryption Method. Safeguarding the Encryption Key.

Encryption 40

Encryption Security Passwords Education 40

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. Communication to and from the EdgeRouters involved encryption using a randomly generated 16-character AES key.

Energy and Utilities 105

Energy and Utilities Military Government Phishing 105

IT Governance

JANUARY 24, 2024

Expert insight from Leon Teale into the implications of this historic data breach The security researcher Bob Diachenko and investigators from Cybernews have discovered an open instance with more than 26 billion data records, mostly compiled from previous breaches – although it likely also includes new data.

Passwords 139

Passwords Data breaches Encryption Risk 139

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada. To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. The ransomware can be deployed as a .dll

Ransomware 94

Ransomware Encryption Communications Manufacturing 94

Data Matters

MARCH 22, 2022

Encrypt data. Educate the workforce on common attack mechanisms over email and websites. Distribute regional and local contact information to key persons and groups. Distribute the Internet Crime Complaint Center information to key persons and groups.

Cybersecurity 88

Cybersecurity Privacy Education Encryption 88

Security Affairs

AUGUST 28, 2019

Recent campaigns show t hreat actors behind the Dridex and Locky malware families , the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. ” continues the report.

e-Delivery 74

e-Delivery Insurance Retail Government 74

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Security 95

Security Data breaches Ransomware Artificial Intelligence 95

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware 204

Ransomware Encryption Privacy Security awareness 204

Thales Cloud Protection & Licensing

JUNE 26, 2023

They are the backbone of societies worldwide, contributing to local and national economies while sustaining livelihoods, especially among the working poor, women, youth, and marginalized groups. On top of these regulations, SMBs must abide by data sovereignty requirements, which pose more challenges regarding data residency.

Security 62

Security Encryption Cloud Cybersecurity 62

Security Affairs

AUGUST 2, 2020

The FBI warns of a new wave of Netwalker ransomware attacks that began in June, the list of victims includes the UCSF School of Medicine and the Australian logistics giant Toll Group. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.”

Ransomware 139

Ransomware Encryption Passwords Government 139

Krebs on Security

FEBRUARY 23, 2019

19, Apex was alerted that its systems had been infected with a destructive strain of ransomware that encrypts computer files and demands payment for a digital key needed to unscramble the data. “When they encrypt the data, that happens really fast,” he said. Roswell, Ga. on Tuesday, Feb.

Ransomware 220

Ransomware Encryption Cloud Access 220