Search cyberveille.decio.ch

Found 518 bookmarks

Custom sorting

LockBit ransomware group assemble strike team to breach banks, law firms and governments.

Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises: I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest organisations — many of whom have incredibly large security budgets. Through data allowing the tracking of ransomware operators, it has been possible to track individual targets. Recently, it has become clear they have been targeting a vulnerability in Citrix Netscaler, called CitrixBleed. Prior reading:

#doublepulsar #EN #2023 #LockBit #ransomware #CitrixBleed

·doublepulsar.com·Nov 15, 2023

LockBit ransomware group assemble strike team to breach banks, law firms and governments.

Cyberattaque contre l’entreprise Concevis: l’administration fédérale est également concernée

Informations actuelles de l'administration. Tous les communiqués de l'administration fédérale, des départements et des offices.

#admin.ch #FR #CH #Communiqué #ransomware #Concevis

·admin.ch·Nov 14, 2023

Cyberattaque contre l’entreprise Concevis: l’administration fédérale est également concernée

Boeing breach: LockBit leaks 50 GB of data

The Boeing Company, a jetliner manufacturer and US defense contractor, had the company’s data leaked by the LockBit ransomware gang. So far, around 50 gigabytes of compressed data was uploaded LockBit's dark web blog. LockBit has allegedly started leaking data that the gang stole from Boeing in late October. The Cybernews research team noted there's around of 50 GB of supposedly Boeing's data. Bulk of the data appears to be various backups.

#cybernews #EN #LockBit #Boeing #DataLeak #ransomware

·cybernews.com·Nov 11, 2023

Boeing breach: LockBit leaks 50 GB of data

Ransomware attack on ICBC disrupts trades in US Treasury market

Chinese bank says it has contained a hack that affected some fixed income and equities transactions

#ft #EN #2023 #ICBC #Chinese #Industrial #and #Commercial #Bank #of #China #ransomware

·ft.com·Nov 10, 2023

Ransomware attack on ICBC disrupts trades in US Treasury market

Atlassian confirms ransomware is exploiting latest Confluence bug

An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.

#therecord #EN #2023 #Atlassian #ransomware #Confluence

·therecord.media·Nov 9, 2023

Atlassian confirms ransomware is exploiting latest Confluence bug

Critical Atlassian Confluence bug exploited in Cerber ransomware attacks

Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.

#bleepingcomputer #EN #2023 #Atlassian #Authentication-Bypass #Cerber #Confluence #Ransomware #CVE-2023-22518

·bleepingcomputer.com·Nov 6, 2023

Critical Atlassian Confluence bug exploited in Cerber ransomware attacks

Four dozen countries declare they won't pay ransomware ransoms | CyberScoop

The coalition aims to encourage members to no longer pay ransoms demanded by criminal hacking groups to discourage attacks from taking place.

#cyberscoop #EN #2023 #coalition #ransomware #pay

·cyberscoop.com·Nov 4, 2023

Four dozen countries declare they won't pay ransomware ransoms | CyberScoop

Boeing says 'cyber incident' hit parts business after ransom threat | Reuters

Boeing , one of the world's largest defense and space contractors, said on Wednesday it was investigating a cyber incident that impacted elements of its parts and distribution business and cooperating with a law enforcement probe into it.

#reuters #EN #2023 #Boing #ransomware

·reuters.com·Nov 2, 2023

Boeing says 'cyber incident' hit parts business after ransom threat | Reuters

Massive ransomware attack hinders services in 70 German municipalities

Hackers encrypted the servers of the municipal service provider Südwestfalen IT, leading the company to restrict access to its infrastructure for over 70 municipalities in western Germany.

#therecord #EN #2023 #ransomware #Germany #municipalities

·therecord.media·Nov 1, 2023

Massive ransomware attack hinders services in 70 German municipalities

2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard

According to ecrime.ch data, confirmed ransomware incidents occurred in 105 countries, originating from 58 ransomware groups. This number is relatively consistent with last year’s data, in which we calculated that incidents impacted organizations in 109 countries and documented at least 60 distinct ransomware families. Though the overall statistics remain relatively consistent from last year to this year, there is more to the story: new trends in the ecosystem include the shifting dynamics of ransomware groups, the rise of the education sector as a key target, and the trends in geographic distribution of attacks.

#securityandtechnology #EN #2023 #2022 #Global #Ransomware #Incident #Map #ecrime

·securityandtechnology.org·Nov 1, 2023

2022 RTF Global Ransomware Incident Map: Attacks continue worldwide, groups splinter, education sector hit hard

Two Developers of the Ragnar Locker Ransomware Arrested in Spain

An international law enforcement operation coordinated by Europol resulted in the dismantling of one of the largest groups involved in the distribution of

#deform #EN #2023 #Locker #Ransomware #Ragnar #law #enforcement #operation #Europol #Arrested #Spain

·deform.co·Oct 30, 2023

Two Developers of the Ragnar Locker Ransomware Arrested in Spain

SIM Swappers Are Working Directly with Ransomware Gangs Now

Hackers connected to “the Comm,” a nebulous group that includes SIM swappers, are working with ALPHV, a ransomware group that has impacted some of the biggest companies on the planet, including MGM Casinos.

#404media #EN #2023 #ALPHV #the-Comm #SIMSwappers #ransomware

·404media.co·Oct 27, 2023

SIM Swappers Are Working Directly with Ransomware Gangs Now

Un cybercriminel russe membre du gang Ragnar Locker arrêté en France

Un membre russe du gang de hackers Ragnar Locker a été arrêté en France. Ce collectif de cybercriminels est responsable de nombreuses cyberattaques par

#numerama #FR #2023 #ragnar #cybercriminel #russe #Locker #France #ransomware #arrêté

·numerama.com·Oct 21, 2023

Un cybercriminel russe membre du gang Ragnar Locker arrêté en France

Ragnar Locker ransomware gang taken down by international police swoop

This action, coordinated at international level by Europol and Eurojust, targeted the Ragnar Locker ransomware group. The group were responsible for numerous high-profile attacks against critical infrastructure across the world. In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain and Latvia. The “key target” of this malicious ransomware strain was arrested in Paris,...

#europol #EN #2023 #Ragnar #Locker #ransomware #Takedown

·europol.europa.eu·Oct 21, 2023

Ragnar Locker ransomware gang taken down by international police swoop

Ukrainian activists hack Trigona ransomware gang, wipe servers

A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.

#bleepingcomputer #EN #2023 #Ukrainian-Cyber-Alliance #Trigona #ransomware #gang #hacked

·bleepingcomputer.com·Oct 19, 2023

Ukrainian activists hack Trigona ransomware gang, wipe servers

Ragnar Locker ransomware’s dark web extortion sites seized by police

The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation.

#bleepingcomputer #EN #2023 #Ragnar #Ransomware #Leak #Seizure #police

·bleepingcomputer.com·Oct 19, 2023

Ragnar Locker ransomware’s dark web extortion sites seized by police

Breast Imaging During a Cyberattack and Global Pandemic: What We Did to Pick Up the Pieces - ScienceDirect

Cybersecurity in healthcare is a very real threat with the potential to severely disrupt patient care, place extra burden on an already strained system, and result in significant financial losses for a hospital or healthcare network. In October 2020, on the backdrop of the ongoing COVID-19 pandemic, our institution experienced one of the most significant cyberattacks on a healthcare system to date, lasting for nearly 40 days. By sharing our experience in radiology, and specifically in breast imaging, including the downtime procedures we relied upon and the lessons that we learned emerging from this cyberattack, we hope to help future victims of a healthcare cyberattack successfully weather such an experience.

#sciencedirect #EN #2023 #healthcare #ransomware #impact #experience #Vermont #UVMMC

·sciencedirect.com·Oct 16, 2023

Breast Imaging During a Cyberattack and Global Pandemic: What We Did to Pick Up the Pieces - ScienceDirect

Les hôpitaux de Vittel et Neufchâteau victimes d'une cyberattaque

C'est le black-out informatique au centre hospitalier de l'Ouest vosgien. Les établissements de Vittel et Neufchâteau ont été victimes d'une cyberattaque dans la nuit de vendredi à samedi. Les urgences restent maintenues, mais les activités programmées sont suspendues jusqu'à lundi inclus.

#francebleu #FR #2023 #hôpitaux #ransomware #Neufchâteau #Vittel #France

·francebleu.fr·Oct 9, 2023

Les hôpitaux de Vittel et Neufchâteau victimes d'une cyberattaque

Ransomware Negotiation: Dos and Don’ts!

Double extortion ransomware attacks have reached very high numerical values. One of the key elements, when suffering such an attack, concerns the negotiation that can be initiated (not always!) with the ransomware gang. The analysis, carried out by the SEC4U team, of hundreds of negotiations makes it possible to apply a scientific approach to this

#neteye-blog #EN #2023 #ransomchats #negotiation #negotiator #ransomware #ransomware-double-extortion #ransomware-negotiation #blue-team #sec4u

·neteye-blog.com·Oct 5, 2023

Ransomware Negotiation: Dos and Don’ts!

Sony confirms data breach impacting thousands in the U.S.

Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.

#bleepingcomputer #EN #2023 #Clop #Data-Breach #Data-Leak #MOVEit #MOVEit-Transfer #Ransomware #Sony #Zero-Day

·bleepingcomputer.com·Oct 4, 2023

Sony confirms data breach impacting thousands in the U.S.

From ScreenConnect to Hive Ransomware in 61 hours

In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More

#thedfirreport #EN #2023 #ScreenConnect #report #Hive #Ransomware

·thedfirreport.com·Sep 25, 2023

From ScreenConnect to Hive Ransomware in 61 hours

Ransomware flingers hit Manchester cops in the supply chain • The Register

The UK's Greater Manchester Police (GMP) has admitted that crooks have got their mitts on some of its data after a third-party supplier responsible for ID badges was attacked. According to the Manchester Evening News the stolen data included the names and pictures of police officers held by the supplier for use on thousands of ID badges.

#theregister #EN #2023 #Greater-Manchester-Police #databreach #ransomware #police #UK

·theregister.com·Sep 17, 2023

Ransomware flingers hit Manchester cops in the supply chain • The Register

KNVB paid ransom to prevent cyber criminals from publishing footballers' passports

The Dutch football association KNVB paid the ransom demanded by cyber criminals in a ransomware attack in April. The hackers stole Dutch and other football players’ passports, ID cards, home addresses, and salary slips and threatened to publish the data if the football association didn’t pay the ransom, the KNVB said on Tuesday.

#nltimes #EN #2023 #Dutch #football #association #KNVB #paid #ransomware #LockBit

·nltimes.nl·Sep 12, 2023

KNVB paid ransom to prevent cyber criminals from publishing footballers' passports

The Emergence of Ransomed: An Uncertain Cyber Threat in the Making

Ransomed, originally an illicit forum, is a ransomware collective that is finding new ways to extort victims by leveraging GDPR laws.

#flashpoint #EN #2023 #Ransomed #illicit #forum #ransomware #GDPR

·flashpoint.io·Sep 2, 2023

The Emergence of Ransomed: An Uncertain Cyber Threat in the Making

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.

#wired #EN #2023 #Trickbot #Russia #member #ransomware

·wired.com·Sep 1, 2023

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

Attacks on Citrix NetScaler systems linked to ransomware actor

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.

#bleepingcomputer #EN #2023 #CVE-2023-3519 #Citrix #FIN8 #Citrix-ADC #Citrix-Gateway #Code-Injection #Ransomware #Remote-Code-Execution

·bleepingcomputer.com·Aug 29, 2023

Attacks on Citrix NetScaler systems linked to ransomware actor

Ransomware infection wipes all CloudNordic servers

IT outfit says it can't — and won't — pay the ransom demand

#theregister #EN #2023 #Ransomware #CloudNordic

·theregister.com·Aug 24, 2023

Ransomware infection wipes all CloudNordic servers

Dark Web Profile: 8Base Ransomware

In this article, we will focus on 8Base Ransomware, which ranked in the top 5 most active groups last month according to Daily Dark Web...

#socradar #EN #2023 #8Base #Ransomware #Profile

·socradar.io·Aug 16, 2023

Dark Web Profile: 8Base Ransomware

'DoubleDrive' attack turns Microsoft OneDrive into ransomware

Microsoft's OneDrive file-sharing program can be used as ransomware to encrypt most of the files on a target machine without possibility of recovery, partly because the program is inherently trusted by Windows and endpoint detection and response programs (EDRs). Presentation blackhat

#scmagazine #EN #2023 #OneDrive #Microsoft #ransomware

·scmagazine.com·Aug 16, 2023

'DoubleDrive' attack turns Microsoft OneDrive into ransomware

Ransomware tracker: The latest figures [August 2023]

The number of ransomware attacks posted on extortion websites shot up to a record high in July, with ransomware gangs publicly claiming more than 15 attacks per day on average. In total there were 484 ransomware attacks in July, compared to 408 the previous month, according to data collected by Recorded Future from extortion sites, government agencies, news reports, hacking forums, and other sources.

#therecord #EN #2023 #trends #ransomware #August2023

·therecord.media·Aug 16, 2023

Ransomware tracker: The latest figures [August 2023]