Security Affairs

DECEMBER 6, 2022

Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper.

Ransomware 118

Ransomware Encryption Libraries IT 118

Security Affairs

JULY 1, 2023

Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. The authors used Microsoft Linker version 14.35.

Ransomware 97

Ransomware Encryption Libraries Education 97

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware 104

Ransomware Manufacturing Education Libraries 104

Security Affairs

JULY 1, 2020

Experts discovered a new ransomware dubbed EvilQuest designed to target macOS systems, it also installs a keylogger and a reverse shell to take over them. macOS #ransomware impersonating as Google Software Update program with zero detection. The ransomware also checks for some common anti-virus solutions (e.g. " exists.

Ransomware 112

Ransomware Libraries Encryption Communications 112

Security Affairs

JANUARY 22, 2020

System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack.

Libraries 92

Libraries Ransomware Encryption Access 92

Security Affairs

JANUARY 17, 2022

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020 , it was observed targeting only Windows systems. Recently, Rising captured the Linux platform variant of the ransomware.”

Ransomware 135

Ransomware Encryption Libraries Communications 135

eSecurity Planet

OCTOBER 25, 2022

A ransomware family targeting individual computer users is using a zero-day Windows bug to infect users, ANALYGENCE senior vulnerability analyst Will Dormann has found. Also read: How to Recover From a Ransomware Attack. ” Also read: How to Decrypt Ransomware Files – And What to Do When That Fails.

Ransomware 107

Ransomware Libraries Security IT 107

eSecurity Planet

SEPTEMBER 15, 2021

Tape vendors have been promoting themselves as a solution to the ransomware problem because of their ability to provide air-gapped data backup, but trying to recover terabytes of data from a tape drive can be a little like, well, running into red tape. Q: If a ransomware attack is in your system(s), can the attack get to all your data?

Ransomware 143

Ransomware Libraries Encryption Passwords 143

Adam Shostack

JUNE 22, 2020

I’m excited to see that they’re Re-introducing the Cyentia Research Library , with cool (new?) The Cyentia Library lets us see what people are doing in terms of research and data. features like an RSS feed. ’ To be clear: I mean no criticism of Cyentia for exposing these things.

Libraries 80

Libraries Ransomware Access IT 80

Security Affairs

JULY 10, 2022

French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services. . The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services. . SecurityAffairs – hacking, ransomware).

Ransomware 97

Ransomware Personal data Libraries Phishing 97

Security Affairs

JANUARY 11, 2022

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. trendmrcio[.]com,

Ransomware 93

Ransomware Libraries File names Encryption 93

Security Affairs

FEBRUARY 2, 2022

Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model. Pierluigi Paganini.

Ransomware 92

Ransomware Retail Libraries Encryption 92

Security Affairs

JANUARY 6, 2023

Microsoft warns of different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) targeting Apple macOS systems. Microsoft Security Threat Intelligence team warns of four different ransomware families ( KeRanger , FileCoder , MacRansom , and EvilQuest ) that impact Apple macOS systems.

Ransomware 83

Ransomware Encryption Libraries Security 83

Security Affairs

OCTOBER 25, 2022

The Hive ransomware gang, which claimed the responsibility for the Tata Power data breach, started leaking data. Now the ransomware gang Hive started leaking the alleged stolen files on its Tor leak site. The main difference between the new variant of the Hive ransomware and old ones is the programming language used by the operators.

Ransomware 83

Ransomware Blockchain Encryption Data breaches 83

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn.

Encryption 108

Encryption Ransomware Blockchain Libraries 108

Security Affairs

OCTOBER 16, 2022

Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. ” continues the report.

Ransomware 81

Ransomware Encryption Libraries Access 81

Security Affairs

OCTOBER 14, 2021

The popular Google’s VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has published its first ransomware activity report based on the analysis of more than 80 million samples that have been uploaded from 140 countries worldwide. percent of the submitted samples.

Ransomware 88

Ransomware Libraries IT Security 88

Krebs on Security

MAY 14, 2024

CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. Qbot and Pinkslipbot ) has morphed into an advanced malware strain now used by multiple cybercriminal groups to prepare newly compromised networks for ransomware infestations. First, the zero-days. Apple has just shipped macOS Sonoma 14.5

Libraries 224

Libraries Authentication Ransomware Security 224

Security Affairs

OCTOBER 27, 2022

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks. . The final-stage malware was the Clop ransomware.

Ransomware 90

Ransomware Access Encryption Manufacturing 90

Security Affairs

JUNE 22, 2021

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers.

Ransomware 98

Ransomware Encryption Passwords Cloud 98

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. pysa file extension that gives the name to this piece ransomware.

Ransomware 100

Ransomware Government Encryption Passwords 100

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”. However, public computers and printing services are unavailable.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Krebs on Security

MAY 17, 2021

The Twitter thread came up in a discussion on the ransomware attack against Colonial Pipeline , which earlier this month shut down 5,500 miles of fuel pipe for nearly a week, causing fuel station supply shortages throughout the country and driving up prices. “Sodinokibi”) ransomware groups.

Ransomware 347

Ransomware Risk Libraries Encryption 347

Security Affairs

FEBRUARY 14, 2022

The attack, which likely was a ransomware attack, impacted the computer network of the TV channel and caused the cancellation of the evening edition of 24UR daily news show. The post Alleged ransomware attack disrupted operations at Slovenia’s Pop TV station appeared first on Security Affairs. ” Source Broadbandtvnews. .”

Ransomware 78

Ransomware Libraries Security IT 78

The Last Watchdog

DECEMBER 14, 2021

Related: The case for ‘SBOM’ This flaw in the Apache Log4J logging library is already being aggressively probed and exploited by threat actors — and it is sure to become a major headache for security teams in 2022. Log4j is a library used in nearly every Java installation because it is used for logging server operations.

Libraries 189

Libraries Ransomware Cloud Cybersecurity 189

Data Protection Report

DECEMBER 13, 2021

Exploited systems are at risk for ransomware, data exfiltration, cryptomining, and other malicious activities perpetrated by criminal organizations and nation-state actors. Ensure network logging exists to record activity related to a vulnerable Apache Log4j logging library.

Libraries 59

Libraries Ransomware Cloud Risk 59

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. AgentTesla ). ” continues the analysis. ” continues the analysis. ” concludes the report.

Ransomware 110

Ransomware Phishing File names Encryption 110

eSecurity Planet

DECEMBER 15, 2021

Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds of millions of devices was made public late last week. 11 as a malicious.NET binary file.

Ransomware 126

Ransomware Cybersecurity Access Libraries 126

Security Affairs

SEPTEMBER 12, 2018

Security experts from Trend Micro have spotted a new strain of ransomware involved in attacks in July and August, the malicious code was posing as the Locky ransomware. “In late July and throughout August, we observed waves of spam email delivering the PyLocky ransomware. . ” states the report.

Ransomware 83

Ransomware Libraries Encryption Archiving 83

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. The malicious code appended the extension .

Education 87

Education Ransomware Encryption Government 87

Security Affairs

JULY 2, 2019

A new Ransomware appeared in the threat landscape, the malware began to threats the digital world. A new Ransomware began to threats the digital world. Unlike most ransomware, LooCipher uses a macro-weaponized document as dropper of the real threat. Ransomware excluded folders. Introduction. Technical Analysis.

Ransomware 88

Ransomware Encryption Blockchain Libraries 88

IT Governance

FEBRUARY 14, 2023

Likewise, if cyber criminals encrypt the organisation’s files in a ransomware attack, they will face major disruption. The second element of the CIA triad is integrity. This refers to the completeness and accuracy of data, as well as the organisation’s ability to protect it from corruption.

IT 105

IT Risk GDPR Information Security 105

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia.

Cybersecurity 73

Cybersecurity Ransomware Data breaches Risk 73

IT Governance

OCTOBER 3, 2022

Ransomware. Welcome to our September 2022 list of data breaches and cyber attacks. Compared to August, it was a comparatively quiet month, as we identified 88 publicly disclosed security incidents and 35,566,046 compromised records. Cyber attacks. Data breaches. Malicious insiders and miscellaneous incidents. Cyber attacks.

Data breaches 143

Data breaches Ransomware Education Phishing 143

Security Affairs

JUNE 17, 2022

“Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker.” ” reads the post published by Proofpoint.

Libraries 83

Libraries Encryption Ransomware Cloud 83

Security Affairs

JANUARY 11, 2019

Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. PyLocky Ransomware Decryption Tool Released — Unlock Files For Free. ” reads the post published by Talos.

Ransomware 92

Ransomware Encryption Passwords Libraries 92

eSecurity Planet

JUNE 21, 2022

Microsoft services are widely used in enterprises for cloud-based collaboration, and the Proofpoint research report revealed that cloud infrastructures are not immune to ransomware attacks. Many IT and security teams think that cloud drives should be more resilient to ransomware attacks, but that’s not the case.

Cloud 117

Cloud Ransomware Libraries Phishing 117