Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.”

Ransomware 289

Ransomware Agriculture Encryption Access 289

Data Breach Today

DECEMBER 13, 2023

Oxygen of Publicity' Helps Intimidate Victims and Recruit Affiliates, Experts Warn Seeking to maximize profits no matter the cost, ransomware groups have been bolstering their technical prowess and psychological shakedowns with a fresh strategy: attempting to control the narrative.

Ransomware 313

Ransomware Marketing Security 313

Data Breach Today

OCTOBER 24, 2022

Information Commissioner levied a nearly $5 million fine against Interserve Group Limited for its lack of security protections in the run-up to a 2020 ransomware attack. The firm kept employee data on servers running obsolete versions of Windows and used outdated antivirus software.

Ransomware 239

Ransomware Security IT 239

eSecurity Planet

NOVEMBER 11, 2022

Check Point security researchers recently described the Azov ransomware as an “effective, fast, and unfortunately unrecoverable data wiper,” noting that the malware seems far more focused on destroying data than on any effort to demand a ransom. As Check Point’s Ji?í Framing Researchers.

Ransomware 113

Ransomware Security Encryption Cybersecurity 113

Data Breach Today

JANUARY 8, 2024

State AG Settlement Comes After 2021 Lorenz Ransomware Attack on Health Center A federally funded health center that provides services to underserved communities in New York has been fined up to $450,000 and must invest $1.2

Security 267

Security Ransomware IT 267

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. Gb AWACS software - 13 Gb.esm files - 1.9

Ransomware 112

Ransomware Manufacturing Insurance Cybersecurity 112

Krebs on Security

DECEMBER 19, 2023

Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. BlackCat formed by recruiting operators from several competing or disbanded ransomware organizations — including REvil , BlackMatter and DarkSide.

Ransomware 247

Ransomware Encryption IT Access 247

Data Breach Today

FEBRUARY 20, 2024

Even if Group Reboots, Disruption Already Stands as a Success, Experts Say Blue Monday arrived late this year for the LockBit ransomware-as-a-service group, after an international coalition of law enforcement agencies seized swathes of its infrastructure.

Ransomware 284

Ransomware Security IT 284

Data Breach Today

OCTOBER 3, 2020

Researchers Note Similarities to Sekhmet Crypto-Locking Malware Security researchers with Appgate are warning about a recently uncovered ransomware variant called Egregor that appears to have infected about a dozen organizations worldwide over the past several months.

Ransomware 320

Ransomware Security 320

Krebs on Security

FEBRUARY 29, 2024

The ransomware group LockBit told officials with Fulton County, Ga. Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. The LockBit website included a countdown timer until the promised release of data stolen from Fulton County, Ga.

Security 251

Security Ransomware IT Access 251

Data Breach Today

NOVEMBER 30, 2020

Company Finally Acknowledges Earlier Incident Exposed Corporate Information Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information, such as Social Security numbers and financial account numbers.

Ransomware 250

Ransomware Security 250

Data Breach Today

AUGUST 22, 2023

The Attack Accesses an Exposed API on a Component of the Veeam Application The Cuba ransomware group is exploiting a bug in data backup software exposed in March, warn BlackBerry security researchers.

Ransomware 242

Ransomware Access Security IT 242

Data Breach Today

FEBRUARY 2, 2024

Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.

Ransomware 259

Ransomware Cloud Security 259

Data Breach Today

NOVEMBER 22, 2019

Maze Crew Reportedly Threatens to Release More of Allied Universal's Data Unless Ransom Paid Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom.

Ransomware 277

Ransomware Security 277

Data Breach Today

FEBRUARY 22, 2024

Numerous Impediments Remain, Should Administrators Attempt to Reboot Operation The notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report.

Ransomware 260

Ransomware Security IT 260

Data Breach Today

JUNE 9, 2020

Criminals Keep Hitting Big Targets Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Can't Stop the Crypto-Locking Malware Attacks?

Ransomware 328

Ransomware Security IT 328

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware 306

Ransomware Encryption Manufacturing Phishing 306

Data Breach Today

SEPTEMBER 25, 2023

2,050 Organizations Affected After Data Stolen From Secure File-Sharing Software The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week.

Data breaches 315

Data breaches Ransomware Security IT 315

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. ransomware ??????: In 2022, Boeing recorded $66.61 In 2022, Boeing recorded $66.61

Ransomware 133

Ransomware Manufacturing Military Sales 133

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.

Ransomware 135

Ransomware Encryption Access IT 135

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. “We’ve obtained 100 GB of data of Nissan Australia.

Ransomware 127

Ransomware Data breaches Financial Services Archiving 127

Security Affairs

MARCH 8, 2024

The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain.

Ransomware 120

Ransomware Data breaches Unstructured data Personal data 120

Security Affairs

OCTOBER 1, 2023

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.

Ransomware 129

Ransomware Insurance Cybersecurity Encryption 129

Security Affairs

NOVEMBER 13, 2023

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. At the end of October, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site. Most recent documents in the leaked data are dated back to October 22.

Ransomware 119

Ransomware Authentication Manufacturing Sales 119

Security Affairs

DECEMBER 9, 2023

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. ” reads the notice of security incident. BlackCat claimed to have exfiltrated 4.7

Data breaches 118

Data breaches Ransomware Insurance Access 118

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. Threat actors use FileZilla, WinRAR, WinSCP, and RClone for data exfiltration.

Ransomware 108

Ransomware Encryption Education Phishing 108

Security Affairs

OCTOBER 15, 2023

The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. The gang also published a sample as proof of the stolen data. Stats for 2022 in the link.

Ransomware 125

Ransomware Encryption Data breaches IT 125

IBM Big Data Hub

JANUARY 22, 2024

It’s the news no organization wants to hear―you’ve been the victim of a ransomware attack, and now you’re wondering what to do next. Over 17 percent of all cyberattacks involve ransomware —a type of malware that keeps a victim’s data or device locked unless the victim pays the hacker a ransom.

Ransomware 116

Ransomware Encryption Analytics Data breaches 116

Security Affairs

APRIL 3, 2024

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.”

Ransomware 100

Ransomware Cybersecurity IT Security 100

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 111

Ransomware Data breaches Passwords Access 111

Security Affairs

APRIL 10, 2024

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The organization disclosed a data breach after a ransomware attack, the incident impacted 533,809 individuals. ” reads the data breach notification shared with the Maine Attorney General.

Data breaches 116

Data breaches e-Discovery Ransomware Insurance 116

Security Affairs

APRIL 18, 2024

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) is investigating an alleged ransomware attack that resulted in data theft. ” reads the statement published by the Agency.

Data breaches 103

Data breaches Ransomware Risk Security 103

Security Affairs

JANUARY 30, 2024

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. BleepingComputer contacted Schneider Electric which confirmed the data breach. Kroll researchers reported that the ransomware strain outstands for the use of encryption to protect the ransomware binary.

Ransomware 127

Ransomware Data breaches Digital transformation Encryption 127

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 126

Ransomware Encryption Metadata Manufacturing 126

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware 130

Ransomware Education Cybersecurity Passwords 130

Security Affairs

FEBRUARY 13, 2024

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. The threat actors demand the payment of 3.5

Ransomware 114

Ransomware Cleanup Encryption Cybersecurity 114

Security Affairs

FEBRUARY 19, 2024

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric.

Ransomware 105

Ransomware Digital transformation Encryption Retail 105