Security Affairs

JANUARY 14, 2022

Russia’s FSB announced to have dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA. The Russian Federal Security Service (FSB) announced to have shut down the REvil ransomware gang, the group that is behind a long string of attacks against large organizations, such as Kaseya and JBS USA.

Ransomware 108

Ransomware Government Encryption Security 108

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. ” reads the issued by French CERT.

Ransomware 112

Ransomware Government Encryption Passwords 112

Security Affairs

OCTOBER 1, 2023

Bleeping Computer last week reported that Johnson Controls International has suffered a ransomware attack that impacted many systems of the company. Threat actors initially breached the systems at Asia offices, the ransomware also targeted the VMware ESXi servers. reported Bleeping Computer. ” reads the article published by CNN.

Ransomware 132

Ransomware Insurance Cybersecurity Encryption 132

Security Affairs

JANUARY 26, 2023

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” ” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. ” reads the message published on the leak site.

Military 89

Military Manufacturing Ransomware Mining 89

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec.

Ransomware 178

Ransomware IT Phishing Financial Services 178

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware 112

Ransomware IT Access Manufacturing 112

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. In 2019, the U.S. Pierluigi Paganini.

Ransomware 124

Ransomware Government IT Security 124

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Ransomware 239

Ransomware Government Military Access 239

Krebs on Security

AUGUST 29, 2019

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. The ransomware attack hit PerCSoft on the morning of Monday, Aug. West Allis, Wis.-based

Ransomware 218

Ransomware Insurance Encryption Cloud 218

Security Affairs

JULY 2, 2020

Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (Nhai). The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site. The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site.

Ransomware 122

Ransomware Government Phishing Security 122

Security Affairs

JULY 25, 2022

The ransomware group Lockbit claims to have stolen 78 GB of files from the Italian Revenue Agency (Agenzia delle Entrate). The ransomware gang Lockbit claims to have hacked the Italian Revenue Agency (Agenzia delle Entrate) and added the government agency to the list of victims reported on its dark web leak site. 300 of 1999.

Ransomware 102

Ransomware Government IT Security 102

Security Affairs

MAY 16, 2021

Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. Acer Finance operates as an investment management company. Pierluigi Paganini.

Ransomware 118

Ransomware Manufacturing Communications Risk 118

eSecurity Planet

JULY 19, 2022

Discovered by malware hunter JAMESWT on Twitter, Lilith is ransomware designed to lock Windows machines. While Lilith does not introduce any innovative approach, according to Cyble, it clearly shows a trend in the current ransomware landscape. Also read: Best Ransomware Removal and Recovery Services. The malware uses a custom “.lilith”

Ransomware 109

Ransomware Encryption File names Government 109

Security Affairs

JANUARY 27, 2022

A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. A few hours ago Lockbit ransomware operators have announced to have stolen data from Ministry of Justice of France and threatened to leak it. SecurityAffairs – hacking, Lockbit ransomware). Pierluigi Paganini.

Ransomware 97

Ransomware Government Security IT 97

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital. .

Ransomware 88

Ransomware IT Access Manufacturing 88

Security Affairs

JUNE 6, 2020

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. SecurityAffairs – Maze Ransomware, hacking).

Military 114

Military Ransomware Encryption Risk 114

IT Governance

OCTOBER 4, 2021

Ransomware – malware that aims to prevent victims from accessing their data unless they pay their attackers – seems to be in the news more than ever before. Sophos’s most recent annual ransomware survey, The State of Ransomware 2021 , found that 37% of organisations surveyed in 2021 had been affected by ransomware in the previous year.

Ransomware 134

Ransomware Insurance Phishing Access 134

Security Affairs

NOVEMBER 6, 2022

The ransomware group LockBit claimed to have stolen data from consulting and IT services provider Kearney & Company. Kearney is the premier CPA firm that services across the financial management spectrum to government entities. The company provides audit, consulting and IT services to the United States government.

Ransomware 131

Ransomware Government IT Security 131

Security Affairs

MAY 16, 2021

Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti ransomware gang. Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack. ” reported BleepingComputer.

Ransomware 120

Ransomware IoT Cybersecurity Government 120

Security Affairs

JUNE 3, 2020

REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. The Sodinokibi ransomware operators have launched an eBay-like auction site for stolen data where they plan to sell data stolen from the victims. Source BleepingComputer.

Ransomware 106

Ransomware Agriculture Cybersecurity Government 106

Security Affairs

JANUARY 26, 2020

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. It is not clear if the malware was developed by the threat actors behind Ryuk Ransomware for data exfiltration. Anyone remember this "Ryuk Stealer"? Source BleepingComputer.

Military 118

Military Government Ransomware Privacy 118

Security Affairs

NOVEMBER 27, 2020

Canon finally confirmed that it has suffered a ransomware attack in early August that resulted in the theft of data from its servers. Canon has finally confirmed that it was the victim of a ransomware attack in early August and that the threat actors also stole data from its servers. Canon internal notice – Source BleepingComputer.

Data breaches 136

Data breaches Ransomware Archiving Access 136

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. Reached by phone today, Jansson said he quit the company in August, right around the time Gunnebo disclosed the thwarted ransomware attack.

Ransomware 337

Ransomware Security Agriculture Cybersecurity 337

Security Affairs

NOVEMBER 29, 2021

Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. filed this document [link].

Healthcare 95

Healthcare Ransomware Encryption Data breaches 95

Security Affairs

OCTOBER 1, 2020

K-Electric, Pakistan’s largest private power company, did not pay the ransom and the Netwalker ransomware operators have leaked the stolen data. In early September, K-Electric (KE), the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services.

Ransomware 136

Ransomware Archiving Encryption Access 136

Security Affairs

APRIL 8, 2020

On March 21, the Maze ransomware operators published some of the stolen files on their “leak site,” after the refusal of the research firm of paying the ransom. The attack took place on March 14th, 2020, when the Maze Ransomware operators exfiltrated data from the HMR’s network and then encrypt their systems.

Ransomware 105

Ransomware Data breaches Encryption Financial Services 105

Security Affairs

FEBRUARY 6, 2023

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. ” reads the alert published by ACN.

Ransomware 93

Ransomware Cybersecurity Metadata Encryption 93

IT Governance

APRIL 28, 2022

The Stormous ransomware gang announced earlier this week that it had hacked Coca-Cola and stolen 161 gigabytes of data. By comparison, a report published last year found that US firms pay $6 million on average in ransomware demands. There usually isn’t much doubt about whether you’ve been hit by ransomware. An unusual attack.

Ransomware 127

Ransomware Phishing Encryption Sales 127

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Jump to: What is ransomware? How ransomware works. Preventing ransomware. Ransomware attacks and costs.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Security Affairs

FEBRUARY 12, 2022

CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Cybersecurity agencies from the U.K., ” reads the joint advisory.

Ransomware 97

Ransomware Agriculture Encryption Phishing 97

Security Affairs

SEPTEMBER 9, 2020

K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services.

Ransomware 135

Ransomware Energy and Utilities Passwords Access 135

Security Affairs

APRIL 27, 2020

The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. ” reads the alert issued by the Israeli government. In 2016, BWL Electric and Water Utility shut down following a ransomware attack. Pierluigi Paganini.

Energy and Utilities 136

Energy and Utilities Government Passwords Ransomware 136

Security Affairs

APRIL 22, 2020

The City of Torrance of the Los Angeles metropolitan area, California, is the last victim of the DoppelPaymer Ransomware, hackers also stole its data. “Based on the names of the archives, this data includes city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager.”

Ransomware 100

Ransomware Archiving Data breaches Encryption 100

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. However, the document refers to the victim in this case only by the name “Victim 1.” 11-12, 2022. 2, 2024.

Blockchain 223

Blockchain Ransomware Retail Analytics 223

Security Affairs

FEBRUARY 29, 2024

Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation Cronos , which aimed to disrupt its activities.

IT 105

IT Ransomware Encryption Government 105

Security Affairs

FEBRUARY 5, 2022

The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. Like other ransomware gangs, Lockbit 2.0

Ransomware 95

Ransomware Encryption Passwords Communications 95

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 105

Data breaches Security MDM Ransomware 105