Iran's Military Reportedly Backs Ransomware Campaign

Data Breach Today

Iran's Islamic Revolutionary Guard Corps was behind a ransomware campaign that used a contracting company called "Emen Net Pasargard" to target more than a dozen organizations, according to the security firm Flashpoint. Could Cyberespionage Be Campaign's Real Purpose?

Maze ransomware operators stole data from US military contractor Westech

Security Affairs

Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

Threatpost

Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.

Malware Linked to Ryuk Targets Financial & Military Data

Dark Reading

A newly discovered campaign, packing traces of Ryuk ransomware, aims to steal confidential information

Did Data Leak Discovery Reveal a Ransomware Incident?

Data Breach Today

Researcher Says Exposed Database Contained Ransom Demand Message An unsecured database of medical information on military veterans contained evidence of a potential incident, the security researcher who discovered the data leak says

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. It is not clear if the malware was developed by the threat actors behind Ryuk Ransomware for data exfiltration.

REvil ransomware gang hit US nuclear weapons contractor Sol Oriens

Security Affairs

The REvil ransomware gang made the headlines again, the group hit the US nuclear weapons contractor Sol Oriens and stole the victim’s data. US nuclear weapons contractor Sol Oriens was hit by a cyberattack carried out by the REvil ransomware operators, which claims to have stolen data.

Ransomware Protection in 2021

eSecurity Planet

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get. Jump to: What is ransomware? How ransomware works. Ransomware types.

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East.

Maze Ransomware operators published data from LG and Xerox

Security Affairs

Maze ransomware operators published internal data from LG and Xerox after the company did not pay the ransom. Maze ransomware operators published 50.2 As usual, the Maze ransomware operators threaten the victims to pay the ransom to avoid their data being leaked online.

Maze ransomware gang leaked Canon USA’s stolen files

Security Affairs

Maze ransomware operators have leaked online the unencrypted files allegedly stolen from Canon during a recent ransomware attack. Now the Maze ransomware operators have published unencrypted files allegedly stolen the Canon during the ransomware attack.

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Security Affairs

Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Previous victims of the ransomware gang include IT services firms Cognizant and Conduent.

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

Maze ransomware operators claims to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. SecurityAffairs – LG Electronics, Maze ransomware).

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. ” Recently Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions.

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. “Magellan was recently the victim of a criminal ransomware attack. “On April 11, 2020, Magellan discovered it was targeted by a ransomware attack.

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. Although the DIR has released few details about the ransomware campaign, they did confirm that it originated from a single “threat actor.”

US Govn contractor Electronic Warfare Associates infected with Ryuk ransomware

Security Affairs

The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack , the news was reported by ZDNet. L ast week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers.

Did Maze ransomware operators steal 10 GB of data from Canon?

Security Affairs

An internal memo confirms that the prolonged outage suffered by Canon last week was caused by a ransomware infection, Maze operators took credit for it. Maze ransomware operators recently published internal data from LG and Xerox after the company did not pay the ransom.

Military documents about MQ-9 Reaper drone leaked on dark web

The Security Ledger

Hackers have put up for sale on the dark web sensitive military documents, some associated with the U.S. military’s MQ-9 Reaper drone aircraft, one of its most lethal and technologically advanced drones, security research firm Recorded Future recently discovered. » Related Stories Fitness apps: Good for your health, not so much for military security Evasive new botnet can take over enterprise devices to steal data, spread ransomware U.S.

Fitness apps: Good for your health, not so much for military security

The Security Ledger

Fitness apps are proving to be a lot less beneficial to military security than they are for military fitness. That after researchers in the Netherlands discovered that data from the Polar fitness app revealed the homes and habits of those exercising in clandestine locations around the world, including intelligence agencies, military bases, nuclear.

At least 23 Texas local governments targeted by coordinated ransomware attacks

Security Affairs

At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At least 23 local government organizations were impacted by the ransomware attacks, the Department of Information Resources (DIR) is currently investigating them and providing supports to mitigate the attacks.

Report: U.S. Cyber Command Behind Trickbot Tricks

Krebs on Security

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. military’s Cyber Command.

6 Russians Indicted for NotPeyta Campaign, Other Attacks

Data Breach Today

Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying NotPetya ransomware - causing over $10 billion in damages - and attacking the 2018 Olympics

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

Krebs on Security

has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware. Ransomware The Coming StormMicrosoft Corp.

Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?

Security Affairs

A number of systems have been taken offline, and all the locations infected by the ransomware were isolated from the Internet. ” According to the CBC News, the Recipe was the victim of a ransomware attack, the media also shared a copy of a ransom note that was provided by a worker at one of the affected restaurants. ” Recipe Unlimited denies it was victim of a ransomware attac, because it conducts regular system backups to promptly mitigate such kind of attacks.

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

What if you discovered a flaw in a ransomware payment system that unlocked the data without paying the ransom? In this episode, Jack Cable talks about hacking the Qlocker ransomware and briefly interrupting its payment system. This was the cue locker ransomware.

The Hacker Mind Podcast: Hacking Ransomware

ForAllSecure

What if you discovered a flaw in a ransomware payment system that unlocked the data without paying the ransom? In this episode, Jack Cable talks about hacking the Qlocker ransomware and briefly interrupting its payment system. This was the cue locker ransomware.

DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

Security Affairs

The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. SecurityAffairs – DoppelPaymer ransomware, malware).

'Act of War' Clause Could Nix Cyber Insurance Payouts

Dark Reading

The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card

Cyberattack Downs Pensacola’s City Systems

Threatpost

military base Naval Air Station Pensacola rocked the city. Critical Infrastructure Government Hacks Malware cyberattack malware pensacola pensacola cyberattack ransom ransomwareThe cyberattack comes days after a shooting at U.S.

NotPetya: From Russian Intelligence, With Love

Data Breach Today

CIA Reportedly Believes Russian Military Launched Wiper Disguised as Ransomware The CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence agencies and information security experts have reached similar conclusions, warning that Russia's hybrid warfare campaigns are intensifying

Cybersecurity Insurance Not Paying for NotPetya Losses

Schneier on Security

and other governments labeled the NotPetya attack as an action by the Russian military their claim was excluded under the "hostile or warlike action in time of peace or war" exemption. cybersecurity hacking insurance malware ransomware russia warThis will complicate things: To complicate matters, having cyber insurance might not cover everyone's losses. Zurich American Insurance Company refused to pay out a $100 million claim from Mondelez, saying that since the U.S.

Dutch and British Governments Slam Russia for Cyberattacks

Data Breach Today

Officials Attribute BadRabbit Ransomware, WADA Breach to APT28, aka 'Fancy Bear' The British and Dutch governments have issued a strong rebuke to the Russian government over an ongoing series of "Fancy Bear" hack attacks that they say were launched by Russia's military intelligence agency Russian Main Intelligence Directorate, aka the GRU

Security Affairs newsletter Round 286

Security Affairs

million users due to critical vulnerability Nefilim ransomware gang published Luxottica data on its leak site NSA details top 25 flaws exploited by China-linked hackers Pay it safe: Group-IB aids Paxful in repelling a series of web-bot attacks U.S.

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

The most severe financial damage has occurred as a result of ransomware activity. Group-IB: The ransomware plague cost the world over $1 billion. Late 2019 and all of 2020 were marked by an unprecedented surge in ransomware attacks.

List of data breaches and cyber attacks in April 2021 – 1 billion records breached

IT Governance

Ransomware was again one of the biggest contributors to that total, accounting for almost one in three data breaches. Ransomware. Ransomware. It was another busy month in the cyber security sector, as we discovered 143 incidents that resulted in 1,098,897,134 breached records.

Security Affairs newsletter Round 312

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

Warning the World of a Ticking Time Bomb

Krebs on Security

A security expert who has briefed federal and military advisors on the threat says many victims appear to have more than one type of backdoor installed. AVERTING MASS-RANSOMWARE.

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

Ransomware. London-based clinical pharmacology testing firm recovers swiftly from Maze ransomware (unknown). Minnesota-based Community Development Bank struck by ransomware (unknown). Prince Edward Island notifies patients of ransomware attack (unknown).

List of data breaches and cyber attacks in August 2020 – 36.6 million records breached

IT Governance

Ransomware. British Dental Association records leaked on the dark web (5,524) Australian aged care firm Regis hit by ransomware (unknown) ?Canon