Recherche : [Ransomware]

From Dormant to Dangerous: P2Pinfect Evolves to Deploy New Ransomware and Cryptominer https://www.cadosecurity.com/blog/from-dormant-to-dangerous-p2pinfect-evolves-to-deploy-new-ransomware-and-cryptominer

27/06/2024 08:47:39

P2Pinfect is a rust-based malware covered extensively by Cado Security in the past. Cado Security researchers first discovered it during triage of honeypot telemetry in July of 2023.

New P2Pinfect version delivers miners and ransomware on Redis servers https://securityaffairs.com/164968/malware/p2pinfect-delivers-miners-ransomware-on-redis.html

27/06/2024 08:45:03

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads.

Chinese Cyberspies Employ Ransomware in Attacks for Diversion https://www.bleepingcomputer.com/news/security/chinese-cyberspies-employ-ransomware-in-attacks-for-diversion/

27/06/2024 08:26:45

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft.

ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware https://www.sentinelone.com/labs/chamelgang-attacking-critical-infrastructure-with-ransomware/

27/06/2024 08:26:03

Threat actors in the cyberespionage ecosystem are using ransomware for financial gain, disruption, distraction, misattribution, and the removal of evidence.

CDK Begins Restoring Systems Amid Ransomware Payment Reports https://www.databreachtoday.eu/cdk-begins-restoring-systems-amid-ransomware-payment-reports-a-25605

26/06/2024 11:01:08

CDK Global, the auto dealership software solutions firm that supplies services to an estimated 15,000 dealerships in the U.S. and Canada, said it has begun the

South Africa’s national health lab hit with ransomware attack amid mpox outbreak https://therecord.media/south-africa-lab-ransomware-mpox-outbreak

26/06/2024 08:39:34

South Africa’s National Health Laboratory Service (NHLS) was hit by hackers on Saturday, with the dissemination of lab results severely impacted.

Rafel RAT, Android Malware from Espionage to Ransomware Operations https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/

24/06/2024 08:51:05

Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources.

However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.

Ransom-War Part 3: Inflict Maximum Damage https://nattothoughts.substack.com/p/ransom-war-part-3-inflict-maximum

20/06/2024 09:51:37

Dmitry Medvedev’s June 13 call to do “maximum harm” to Western infrastructure is not so new: Russian strategists have thought about using ransomware to pressure adversary countries since at least 2016

All households in Scottish region to get alert about hackers publishing stolen medical data https://therecord.media/all-scottish-households-nhs-hack-alert

19/06/2024 19:37:23

The residents of Dumfries and Galloway are being warned their data was likely compromised in a February ransomware attack on the National Health Service (NHS).

Black Basta ransomware gang linked to Windows zero-day attacks https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/

16/06/2024 00:11:34

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment – The DFIR Report https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/

11/06/2024 21:34:35

Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…

Urgent call for O-type blood donations following London hospitals ransomware attack https://therecord.media/london-hospitals-ransomware-urgent-call-blood-donations-otype

11/06/2024 08:36:44

As a result of the cyberattack “hospitals cannot currently match patients’ blood at the same frequency as usual,” announced NHS Blood and Transplant.

Major London hospitals disrupted by Synnovis ransomware attack https://www.bleepingcomputer.com/news/security/major-london-hospitals-disrupted-by-synnovis-ransomware-attack/

09/06/2024 16:28:25

A ransomware attack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London.

Ransomware attack hits major London hospitals https://www.theregister.com/2024/06/04/suspected_cyberattack_hits_major_london/

04/06/2024 21:43:31

Pathology lab provider targeted, affecting blood transfusions and surgeries

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities https://thehackernews.com/2024/05/researchers-uncover-active-exploitation.html?m=1

30/05/2024 16:30:28

Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

From Origins to Operations: Understanding Black Basta Ransomware https://flashpoint.io/blog/understanding-black-basta-ransomware/

29/05/2024 10:12:06

Explore the rise of Black Basta as a top ransomware threat, their sophisticated tactics, notable attacks, and future implications for cybersecurity.

New ShrinkLocker ransomware uses BitLocker to encrypt your files https://www.bleepingcomputer.com/news/security/new-shrinklocker-ransomware-uses-bitlocker-to-encrypt-your-files/

25/05/2024 22:01:44

A new ransomware strain called ShrinkLocker creates a new boot partition to encrypt corporate systems using Windows BitLocker.

How ransomware abuses BitLocker | Securelist https://securelist.com/ransomware-abuses-bitlocker/112643/

25/05/2024 19:12:04

The Kaspersky GERT has detected a VBS script that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom.
#BitLocker #Data #Descriptions #Encryption #Incident #Malware #Microsoft #Ransomware #Technologies #Windows #response

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/

16/05/2024 16:15:33

Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that lead to malware like Qakbot followed by Black Basta ransomware deployment.

2023 Kaspersky Incident Response report https://securelist.com/kaspersky-incident-response-report-2023/112504/

14/05/2024 14:28:22

The report shares statistics and observations from incident response practice in 2023, analyzes trends and gives cybersecurity recommendations.
#Cybersecurity #Incident #Internal #LockBit #Ransomware #Security #Statistics #Threats #response #services

Liens par page

Filtres