Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Bitdefender releases free decrypter for Darkside ransomware

Security Affairs

Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. The decrypter seems to work for all recent versions of the Darkside ransomware.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story.

Pay2Key Ransomware Hits Israeli Targets

Data Breach Today

Check Point Researchers Uncovered New Malware Strain. Security analysts at Check Point Research are warning about a recently uncovered ransomware strain called Pay2Key that is primarily targeting Israeli firms.

Analysis: Securing RDP to Prevent Ransomware Attacks

Data Breach Today

The latest edition of the ISMG Security Report discusses securing RDP to prevent ransomware attacks. Also featured: A look at three likely scenarios for the COVID19 pandemic, and an analysis of why we're still using PINs for certain card payments.

CAPCOM: 390,000 people impacted in the recent ransomware Attack

Security Affairs

Capcom revealed that the recent ransomware attack has potentially impacted 390,000 people, an increase of approximately 40,000 people from the previous report. No credit card information was compromised in the security breach.

Canon: Ransomware Attack Exposed Employee Data

Data Breach Today

Company Finally Acknowledges Earlier Incident Exposed Corporate Information. Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including employee information, such as Social Security numbers and financial account numbers.

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. According to Diebold, on the evening of Saturday, April 25, the company’s security team discovered anomalous behavior on its corporate network. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware.

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S.

Threatpost Poll: Weigh in on Ransomware Security

Threatpost

Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll.

Ryuk ransomware operations already made over $150M

Security Affairs

The Ryuk ransomware had a disruptive impact on multiple industries around the world, and its operators have already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world.

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S.

Hot Cybercrime Trend: Enterprise-Scale Ransomware Hits

Data Breach Today

The latest edition of the ISMG Security Report features an analysis of how cybercriminals are ditching banking Trojans in favour of ransomware attacks.

Vermont Hospital confirmed the ransomware attack

Security Affairs

The Burlington-based University of Vermont Health Network has finally admitted that ransomware was behind the October attack. The IT staff at the hospital will decouple parts of the network and it is going to enhance security measures.

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Currently, more than a dozen ransomware crime gangs have erected their own blogs to publish sensitive data from victims.

Ransomware Bites 400 Veterinary Hospitals

Krebs on Security

National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA said it discovered the ransomware outbreak on the morning of Sunday, Oct.

Security Firm Prosegur Hit By Ryuk Ransomware

Data Breach Today

Incident May Have Disrupted Networked Security Cameras. Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur isn't revealing much detail but says it is in the process of restoring services.

Nefilim ransomware operators leak data stolen from Whirlpool

Security Affairs

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. ” states the message published by the ransomware gang on their leak site. Bleeping Computer reported that the security breach took place in early December.

FBI Issues Alert Over Growing Egregor Ransomware Threat

Data Breach Today

Bureau And Security Experts Warn About Gang's Effective Extortion Model. The FBI has issued a private industry warning over the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group.

FBI Issues Alert on Growing Egregor Ransomware Threat

Data Breach Today

Bureau and Security Experts Warn About Gang's Effective Extortion Model. The FBI has issued a warning about the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group.

How WastedLocker Evades Anti-Ransomware Tools

Data Breach Today

Sophos Says Malware Designed to Avoid Security Measures. WastedLocker, a ransomware strain that reportedly shut down Garmin's operations for several days in July, is designed to avoid security tools within infected devices, according to a technical analysis from Sophos.

Ransomware Gang Devises Innovative Extortion Tactic

Data Breach Today

Ragnar Locker's Facebook Ad Stunt a Harbinger of New Approaches. The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.

Gaming Company Confirms Ragnar Locker Ransomware Attack

Data Breach Today

Capcom Says Over 350,000 Customer, Business Records Possibly Compromised. Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records potentially compromised, including sales and shareholder data.

Pay2Key Ransomware Campaign Tied to Iran

Data Breach Today

ClearSky Researchers Say Hacks Targeting Israeli Firms Linked to APT Group 'Fox Kitten'. Over the past two months, several Israeli firms have been targeted with a ransomware variant called Pay2Key.

Apex Laboratory disclose data breach after a ransomware attack

Security Affairs

At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach. The at-home laboratory services provider Apex Laboratory disclosed a ransomware attack, the hackers also stole some patient in the incident that took place on July 25, 2020.

Newcastle University infected with DoppelPaymer Ransomware

Security Affairs

UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack.

REvil ransomware operators are recruiting new affiliates

Security Affairs

REvil Ransomware (Sodinokibi) operators deposited $1 million in Bitcoins on a Russian-speaking hacker forum to demonstrate their willingness to involve new affiliates.

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay, threatening to send individuals to their homes.

Latest Ransomware Trends: Lessons to Learn

Data Breach Today

Learning From Difficult Recoveries and Advice in Government Alerts. As ransomware attacks on the healthcare sector continue to surge, entities should heed the lessons emerging from these incidents as well as the advice provided in alerts from government agencies, security experts say.

Clop ransomware gang paralyzed flavor and fragrance producer Symrise

Security Affairs

Flavor and fragrance producer Symrise is the last victim of the Clop ransomware gang that claims to have stolen 500 GB of unencrypted files. Symrise AG, a major producer of flavours and fragrances, was hit by Clop ransomware operators.

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. “I can confirm that Fresenius’ IT security detected a computer virus on company computers,” Kuhn said in a written statement shared with KrebsOnSecurity. million to resolve a previous ransomware infection.

Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware. The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky.

Analysis: Why Ransomware Gangs Getting Bigger Payoffs

Data Breach Today

The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.

Ransomware attack disabled Georgia County Election database

Security Affairs

A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots.

Iranian Hacking Group Suspected of Deploying Ransomware

Data Breach Today

ClearSky: 'MuddyWater' APT Linked to Attacks Targeting Israel, Others. A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports.

Carnival Cruise Ship Firm Investigating Ransomware Attack

Data Breach Today

the world's largest cruise ship company, is investigating a ransomware attack that likely compromised guest and employee data, according to its filing with the SEC. It's the company's second security incident this year.

Ransomware Danger: Russian-Speaking Gang Targets Russians

Data Breach Today

So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.

Fake mobile version of Cyberpunk 2077 spreads ransomware

Security Affairs

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware.