Search cyberveille.decio.ch

Found 23 bookmarks

Custom sorting

US offers $10 million bounty for info on 'Blackcat' hackers who hit UnitedHealth

The U.S. State Department on Wednesday offered up to $10 million for information on the "Blackcat" ransomware gang who hit the UnitedHealth Group's tech unit and snarled insurance payments across America. "The ALPHV Blackcat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States and worldwide," the department said in a statement announcing the reward offer.

#reuters #EN #2024 #US #bounty #ALPHV #Blackcat

·reuters.com·Mar 28, 2024

US offers $10 million bounty for info on 'Blackcat' hackers who hit UnitedHealth

Blackcat ransomware site reportedly seized but UK agency denies responsibility

website used by hackers responsible for a breach at UnitedHealth Group (UNH.N), opens new tab has been replaced by a notice saying it has been seized by international law enforcement. But at least one of the agencies allegedly responsible said it had nothing to do with the seizure, raising the possibility that the hackers - who also go by the moniker ALPHV - faked their own takedown. A message posted to the website of the Blackcat hacking gang on Tuesday said it had been impounded "as part of a coordinated law enforcement action" by U.S. authorities and other law enforcement agencies. Among the logos of non-American agencies involved were those of Europol and Britain's National Crime Agency.

#reuters #EN #2024 #AlphV #UnitedHealth-Group #BlackCat #ransomware #UK #denies

·reuters.com·Mar 5, 2024

Blackcat ransomware site reportedly seized but UK agency denies responsibility

BlackCat ransomware shuts down in exit scam, blames the "feds"

The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by pretending the FBI seized their site and infrastructure.

#bleepingcomputer #EN #2024 #ALPHV #BlackCat #Exit-Scam #Ransomware

·bleepingcomputer.com·Mar 5, 2024

BlackCat ransomware shuts down in exit scam, blames the "feds"

BlackCat ransomware turns off servers amid claim they stole $22 million ransom

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.

#bleepingcomputer #EN #2024 #ALPHV #BlackCat #Healthcare #Optum #Ransomware #UnitedHealth-Group

·bleepingcomputer.com·Mar 4, 2024

BlackCat ransomware turns off servers amid claim they stole $22 million ransom

ALPHV/BlackCat hits healthcare after retaliation threat, FBI says

The gang claimed responsibility for a high-profile attack against Change Healthcare Wednesday.

#scmagazine #EN #2024 #CISA #ALPHV #BlackCat #FBI #Healthcare

·scmagazine.com·Mar 4, 2024

ALPHV/BlackCat hits healthcare after retaliation threat, FBI says

BlackCat Ransomware Affiliate TTPs

This blog post provides a detailed look at the TTPs of a ransomware affiliate operator. In this case, the endpoint had been moved to another infrastructure (as illustrated by various command lines, and confirmed by the partner), so while Huntress SOC analysts reported the activity to the partner, no Huntress customer was impacted by the ransomware deployment.

#huntress #EN #2024 #BlackCat #Ransomware #TTPs #ScreenConnect

·huntress.com·Feb 29, 2024

BlackCat Ransomware Affiliate TTPs

New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.

#bleepingcomputer #EN #2024 #ALPHV #Backdoor #BlackCat #Data-Exfiltration #macOS #Malware #Ransomware

·bleepingcomputer.com·Feb 9, 2024

New RustDoor macOS malware impersonates Visual Studio update

Ransomware : Alphv/BlackCat, touché et presque coulé ?

Le site vitrine de la franchise Alphv/BlackCat affiche désormais un message indiquant qu’il a été saisi par les autorités. Mais une vitrine alternative est en ligne, mais le coup est très sérieux.

#lemagit #FR #2023 #Alphv #BlackCat #Alphv-BlackCat #Ransomware #vitrine

·lemagit.fr·Dec 19, 2023

Ransomware : Alphv/BlackCat, touché et presque coulé ?

Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice

The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world since its inception, including networks that support U.S. critical infrastructure.

#justice.gov #EN #2023 #ALPHV #Blackcat #ransomware #group #Disrupts #announce

·justice.gov·Dec 19, 2023

Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice

Authorities claim seizure of notorious ALPHV ransomware gang's dark web leak site | TechCrunch

The FBI says it has released a decryption tool allowing hundreds of ALPHV/BlackCat victims to restore their scrambled files.

#techcrunch #EN #2023 #ALPHV #BlackCat #cyberattack #cybersecurity #law-enforcement #ransomware #seizure

·techcrunch.com·Dec 19, 2023

Authorities claim seizure of notorious ALPHV ransomware gang's dark web leak site | TechCrunch

Not so lucky: BlackCat is back!

While the main trend in the cyber threat landscape in recent months has been MoveIt and Cl0p, NCC Groups’ Cyber Incident Response Team have also been handling multiple different ransomware groups over the same period. In the ever-evolving cybersecurity landscape, one consistent trend witnessed in recent years is the unsettling rise in ransomware attacks. These nefarious acts of digital extortion have left countless victims scrambling to safeguard their data, resources, and even their livelihoods. To counter this threat, every person in the cyber security theatre has a responsibility to shine light on current threat actor Tactics, Techniques and Procedures (TTP’S) to assist in improving defences and the overall threat landscape.

#nccgroup #EN #2023 #TTP #BlackCat #D0nut #Medusa #NoEscape

·research.nccgroup.com·Nov 6, 2023

Not so lucky: BlackCat is back!

BlackCat ransomware hits Azure Storage with Sphynx encryptor

The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage.

#bleepingcomputer #EN #2023 #BlackCat #ALPHV #Sphynx #encryptor #Azure

·bleepingcomputer.com·Sep 17, 2023

BlackCat ransomware hits Azure Storage with Sphynx encryptor

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application.

#thehackernews #EN #2023 #BlackCat #Ransomware #Disguised #WinSCP #Malvertising

·thehackernews.com·Jul 5, 2023

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

#trendmicro #EN #2023 #malware #endpoints #BlackCat #WinSCP #report #SpyBoy #GoogleAds

·trendmicro.com·Jul 3, 2023

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

BlackCat Ransomware Deploys New Signed Kernel Driver

In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase.

#trendmicro #EN #2023 #ransomware #research #BlackCat #Kernel #Driver

·trendmicro.com·May 22, 2023

BlackCat Ransomware Deploys New Signed Kernel Driver

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

A ransomware gang has posted photos of Lehigh Valley Health Network cancer patients on the dark web after the health network refused to pay a ransom last month following a cyberattack.

#lehighvalleylive #EN #2023 #Health #patient #hospital #photos #ransomware #gang #ALPHV #BlackCat

·lehighvalleylive.com·Mar 8, 2023

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

Alphv-BlackCat non è più solo darkweb, pubblica anche su Internet "in chiaro"

La nuova funzione implementata ieri da BlackCat, esporrà le vittime colpite anche su Internet, con una diffusione più massiccia e pubblica dei dati rubati, con nome di dominio autentico intestato alla vittima stessa

#insicurezzadigitale #IT #2022 #BlackCat #Alphv #ransomware #pubblica #Alphv-BlackCat #Internet

·insicurezzadigitale.com·Jun 15, 2022

Alphv-BlackCat non è più solo darkweb, pubblica anche su Internet "in chiaro"

Ransomware Group Debuts Searchable Victim Data

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group,…

#krebsonsecurity #Cybercrime #EN #2022 #ALPHV #clearnet #BlackCat #ransomware #publish

·krebsonsecurity.com·Jun 15, 2022

Ransomware Group Debuts Searchable Victim Data

Gang leaks Lehigh Valley Health Network cancer patient photos as part of data hack

A ransomware gang has posted photos of Lehigh Valley Health Network cancer patients on the dark web after the health network refused to pay a ransom last month following a cyberattack.