Browsing tag

ransomware

How To Prevent Ransomware Attacks More Successfully?

Ransomware is one of the most common cyber threats that attack both companies and private users. It works by encrypting your files, making them unavailable unless you have the key. The only way to get the key and have control over your files again is to pay the attackers a certain amount of […]

New Ransomware Variants Flourish Amid Law Enforcement Actions

Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement’s disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies. “Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS [ransomware-as-a-service] groups dominating the ecosystem at this […]

Top workforce management firm Kronos hit by ransomware attack

Kronos has taken down its private cloud services and advises customers to use “alternative business continuity protocols” while the company is working on mitigating the attack. Kronos Private Cloud is an HR management firm, also known as Ultimate Kronos Group, offering timekeeping services to many high-profile firms globally. Reportedly, the company is the latest victim […]

Romanian arrested for ransomware attacks and data theft

Europol has confirmed arresting a Romanian national for targeting an IT firm in the country. The U.S. and European law enforcement authorities collaborated to arrest a suspected ransomware affiliate member for targeting Romanian firms in an IT supply chain attack. The operation was led by Europol’s European Cybercrime Centre (EC3), and the Romanian National Police […]

Conti Ransomware Group Exploiting Log4j Vulnerability

These attacks started on December 13th, with the Conti gang focused on targeting VMware vCenter servers vulnerable to Log4Shell attacks. Advanced Intelligence (AdvIntel) security firm has discovered that the Conti ransomware gang is the first cybercriminal group to adopt and embed the Log4Shell vulnerability in their operations targeting VMware vCenter Servers. “A week after […]

Ransomware Affiliate Arrested for Selling Stolen Data of 300 Million People

The Romanian National Police (Poliția Română) and the US Federal Bureau of Investigation (FBI) have recently arrested a ransomware affiliate with the help of Europol’s European Cybercrime Centre (EC3) for selling stolen data of 300 million people. Here the hacker has stolen this sensitive data from high-profile organizations and companies around the globe, including a […]

Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware

Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The attack leverages the remote code execution (RCE) flaw to download an additional payload, […]

US Military’s Hacking Unit to take on ransomware gangs

The Unit’s boss Gen. Paul Nakasone said that the US military computer operatives are ready to target ransomware gangs and state actors, whoever poses a threat to critical US infrastructure. The US military’s hacking division called Cyber Command is taking aggressive steps to fight cybercrime gangs targeting American organizations with ransomware. According to the unit’s […]

BlackCat: A New Rust-based Ransomware Malware Spotted in the Wild

Details have emerged about what’s the first Rust-language-based ransomware strain spotted in the wild that has already amassed “some victims from different countries” since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. “Victims can pay with Bitcoin or Monero,” the researchers said in a series of tweets detailing the file-encrypting malware. […]

Hotel claims Conti ransomware attack on system as guests locked out

So far, the Conti ransomware has not demanded any ransom or published any details of the ransomware attack on their official website. A popular Scandinavian hotel has confirmed becoming a victim of a targeted cyberattack from the Conti ransomware gang. It is worth noting that Nordic Choice has branches in around 200 locations in Finland, Scandinavia, […]

Swire Pacific Offshore Operations hit by Cl0p ransomware gang

As seen by Hackread.com, the Cl0p ransomware gang has leaked partial SPO data including names, email addresses, passport scans, and more. Swire Pacific Offshore (SPO) has confirmed becoming a victim of a targeted cyberattack by the Cl0p ransomware gang. The company claims that personal information and classified proprietary commercial information might be exposed. For your […]

Russian language hacking forums warming up to Chinese hackers

Russian cybercrime and hacking forums are opening doors to Chinese and English-speaking threat actors, which so far had been a relatively restricted domain for them. Researchers at threat intelligence firm Flashpoint have observed a spike in activities of Chinese origin and Mandarin-speaking hackers on RAMP, a Russian-language ransomware forum, and other illegal communities on the […]

Ransom Your Employer Email Scam Suspect Arrested

The scam involved attempts to hire insiders to install DemonWare ransomware on their employer’s IT systems. A Nigerian citizen, deemed a key suspect in the Ransom Your Employer scheme, was arrested Friday. Reportedly, through the scheme, the scammers deployed ransomware on employers’ systems. According to a report from KrebsOnSecurity’s Brian Krebs, published on Nov 22, Oluwaseun Medayedupin […]

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained that an unnamed and unpatched MS Exchange Server customer was targeted with ransomware attacks, and attackers exploited ProxyShell vulnerabilities to compromise the organization domain-wide. A […]

Emotet malware reemerges, building botnet via Trickbot malware

Bad news for the cybersecurity fraternity. Emotet malware that was dubbed the “World’s Most Dangerous” and “Widely Spread Malware” is back. As per a report from security researcher Luca Ebach, the notorious TrickBot malware is now used as an entry point for distributing a new version of Emotet malware on the systems TrickBot previously owned. […]

BlackMatter ransomware gang is reportedly quitting operation

BlackMatter ransomware gang, which is believed to be a rebrand of DarkSide, has decided to end the project, giving in to the pressures of the local law enforcement authorities. In 2021, we have seen many mainstream ransomware groups go underground and new groups emerging in their place. First, it was the DarkSide ransomware, the disappearance […]

Authorities arrest REvil ransomware operators in Kuwait and Romania

The total number of arrests made concerning Sodinokibi/REvil and GandCrab ransomware is now seven. Europol launched a multi-agency operation to catch REvil ransomware operators (Ransomware-Evil) based on their findings of an old ransomware strain, GandCrab, which authorities believe is the predecessor of REvil. Dubbed Operation GoldDust, around seventeen countries took part in the operation. These […]

U.S. Charges Ukrainian Hacker for Kaseya Attack; Seizes $6 Million from REvil Gang

The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks. According to unsealed court […]

U.S. Offers $10 Million Reward for Information on DarkSide Ransomware Group

The U.S. government on Thursday announced a $10 million reward for information that may lead to the identification or location of key individuals who hold leadership positions in the DarkSide ransomware group or any of its rebrands. On top of that, the State Department is offering bounties of up to $5 million for intel and […]

Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that’s being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked, concerns an SQL-based injection attack that allows for remote code execution and was successfully […]

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what’s the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber […]