article thumbnail

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. “The command requires Windows system administrators,” Truniger’s ads explained.

article thumbnail

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

Fedir Hladyr (35), a Ukrainian national was sentenced today to 10 years in prison for his role in the financially motivated group FIN7, aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak. The man is suspected to be a supervisor of the group.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ransomware Gang Uses Log4Shell

Data Breach Today

AvosLocker Makes Use of Unpatched VMWare Virtual Desktop Software Ransomware group AvosLocker made use of unpatched VMWare Horizon applications to hack into an unidentified organization’s systems, says analysis from Cisco Talos. The race between systems administrators and hackers to patch the Log4j vulnerability is ongoing.

article thumbnail

LockBit ransomware group claims to have hacked Bridgestone Americas

Security Affairs

” Lockbit continues to be one of the most active ransomware operations at this time, unlike other groups, it pointed out that it is an apolitical group and is only interested in money. ” reads a statement published by the group on its Tor leaksite. “For us it is just business and we are all apolitical.

article thumbnail

Fake Company Sheds Light on Ransomware Group Tactics

eSecurity Planet

Ransomware groups seem to change form daily. In the latest news, the BlackMatter ransomware group announced it was shutting down – and just hours later came news that its victims were being transferred to the rival LockBit site. The group published detailed offers on popular job boards and conducted multiple job interviews.

article thumbnail

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

Security Affairs

NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). Using a previous version of Exim leaves a system vulnerable to exploitation. System administrators should continually check software versions and update as new versions become available.”

article thumbnail

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022.