Security Affairs

MAY 12, 2023

CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country. The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350.

Education 246

Education Ransomware Encryption Communications 246

Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education 246

Education Data breaches Ransomware Access 246

Security Affairs

SEPTEMBER 15, 2020

Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. The DDoS attacks are causing severe issues to the targeted education institutions such as temporarily takedown of the network and online classes. Most of the attacks targeted educational institutions in the U.S.,

Education 337

Education Ransomware Security IT 337

Data Breach Today

SEPTEMBER 18, 2020

Check Point Researchers Identify Increases in DDoS Attacks, Other Threats Check Point Research analysts have observed a significant rise in cyberthreats on the educational sector worldwide since July. while European institutions have been hit by ransomware. DDoS attacks have surged in the U.S.,

Education 285

Education Ransomware 285

Security Affairs

JUNE 24, 2021

A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies and US schools. “This is a notable change in operation from earlier notable ransomware campaigns such as NotPetya or WannaCry,” continues the researchers. ” . . Pierluigi Paganini.

Ransomware 361

Ransomware Education Cybersecurity Government 361

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 354

Ransomware Manufacturing Education Libraries 354

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The Rhysida ransomware group claimed to have breached the Abdali Hospital in Jordan and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023.

Ransomware 345

Ransomware Manufacturing Education Libraries 345

Data Breach Today

JUNE 6, 2020

Attacks Targeting Education and Software Companies Started in December 2019 A sophisticated strain of ransomware called Tycoon has been selectively targeting education and software companies since December 2019, according to a joint report released by BlackBerry and KPMG.

Ransomware 321

Ransomware Education IT 321

Security Affairs

DECEMBER 19, 2022

Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language. The researchers estimated that combined revenue surpasses US$550 million. AGENDA.THIAFBB.”

Ransomware 355

Ransomware Encryption Passwords Education 355

Data Breach Today

SEPTEMBER 6, 2021

Revenue, Size, Geography and Level of Access Help Determine Sale Price for Access The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based

Ransomware 345

Ransomware Education Sales Access 345

Data Breach Today

OCTOBER 13, 2023

Researcher Published Proof-of-Concept Exploit Code 1 Day After Vendor Issued Patch Ransomware-wielding attackers are targeting unpatched versions of FTP software that is widely used by large enterprises, including government and educational organizations.

Ransomware 336

Ransomware Education Government IT 336

Security Affairs

SEPTEMBER 14, 2020

Researchers from Temple University have been tracking ransomware attacks on critical infrastructure all over the world. The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. SecurityAffairs – hacking, ransomware).

Ransomware 359

Ransomware Data collection Education Security 359

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 335

Ransomware Authentication Cybersecurity Education 335

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware 346

Ransomware Manufacturing Education Libraries 346

Security Affairs

DECEMBER 22, 2022

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms.

Ransomware 362

Ransomware Encryption File names Education 362

Security Affairs

DECEMBER 1, 2021

Sabbath ransomware is a new threat that has been targeting critical infrastructure in the United States and Canada since June 2021. A new ransomware group called Sabbath (aka UNC2190) has been targeting critical infrastructure in the United States and Canada since June 2021. ” reads the post published by Mandiant.

Ransomware 358

Ransomware Education Encryption Security 358

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. It was this first time that the operators adopted this tactic.

Ransomware 349

Ransomware Encryption Education Phishing 349

Security Affairs

AUGUST 2, 2020

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. The flash alert also includes indicators of compromise for the Netwalker ransomware along with mitigations. ” reads the alert.

Ransomware 363

Ransomware Encryption Passwords Government 363

Security Affairs

DECEMBER 17, 2020

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay, threatening to send individuals to their homes. “As of February 2020, in multiple instances, DoppelPaymer actors had followed ransomware infections with calls to the victims to extort payments through intimidation or threatening to release exfiltrated data.

Ransomware 361

Ransomware Education Authentication Security 361

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware 364

Ransomware Education Communications Access 364

Security Affairs

JANUARY 30, 2021

A ransomware infected the systems at the UK Research and Innovation (UKRI), at leat two services were impacted. The UK Research and Innovation (UKRI) discloses a ransomware incident that impacted a number of UKRI-related web assets. ” reads the statement published by UKRI. Pierluigi Paganini. SecurityAffairs – hacking, Intel).

Ransomware 363

Ransomware Education Personal data Encryption 363

Security Affairs

NOVEMBER 15, 2023

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. ” reads the joint advisory.

Ransomware 335

Ransomware Manufacturing Education Passwords 335

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) The issue was listed by CISA as known to be used in ransomware campaigns, but the agency did not reveal which ransomware groups are actively exploiting the issue. in attacks in the wild. This week the U.S.

Ransomware 351

Ransomware Education Cybersecurity Passwords 351

Security Affairs

NOVEMBER 20, 2023

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Libraries 347

Libraries Ransomware Manufacturing Education 347

Security Affairs

MAY 7, 2021

The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. Group-IB Threat Intelligence & Attribution team found that Hancitor is being actively used by the threat actors to deploy Cuba ransomware. Cuba ransomware has been active since at least January 2020.

Ransomware 326

Ransomware Education Manufacturing Healthcare 326

Security Affairs

APRIL 27, 2020

The operators behind the Shade Ransomware (Troldesh) shut down their operations and released over 750,000 decryption keys. Good news for the victims of the infamous Shade Ransomware , the operators behind the threat have shut down their operations and released over 750,000 decryption keys. SecurityAffairs – Shade Ransomware, hacking).

Ransomware 363

Ransomware File names Education Encryption 363

Data Breach Today

AUGUST 25, 2021

Attacker Extols the Malware While Also Advising Would-Be Victims on Optimal Defenses Want defensive advice from a ransomware-wielding attacker? In a tell-all interview, a LockBit 2.0

Ransomware 312

Ransomware Education 312

Security Affairs

OCTOBER 14, 2023

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investigation into claims made by the Lockbit ransomware gang that added the company to the list of victims on its leak site.

Ransomware 355

Ransomware Archiving Cybersecurity Education 355

Security Affairs

DECEMBER 22, 2023

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. “We’ve obtained 100 GB of data of Nissan Australia.

Ransomware 352

Ransomware Data breaches Financial Services Archiving 352

Security Affairs

SEPTEMBER 20, 2024

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare sector in the United States.

Ransomware 322

Ransomware Manufacturing Education IT 322

Security Affairs

AUGUST 7, 2024

The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. The Rhysida Ransomware group claims to have breached Bayhealth Hospital and added the hospital to the list of victims on its Tor leak site. Bayhealth Hospital in Dover, Delaware breached by Rhysida Ransomware.

Ransomware 337

Ransomware Manufacturing Libraries Education 337

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 302

Ransomware Authentication Cybersecurity Education 302

Security Affairs

NOVEMBER 14, 2021

The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to increase resilience to ransomware attacks. The US Federal Trade Commission (FTC) published guidance for small businesses on how to protect their networks from ransomware attacks. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 312

Ransomware Passwords Authentication Data breaches 312

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 340

Ransomware Agriculture Encryption Access 340

Security Affairs

SEPTEMBER 8, 2023

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. “ The company explained that the zero-day vulnerability was exploited by ransomware groups, such as the Akira ransomware gang, to target organizations. or earlier).

Ransomware 362

Ransomware Authentication Access Education 362

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 354

Ransomware Encryption Manufacturing Phishing 354

Security Affairs

OCTOBER 14, 2023

CISA warns organizations of vulnerabilities and misconfigurations that are known to be exploited in ransomware operations. The US cybersecurity agency CISA is sharing knowledge about vulnerabilities and misconfigurations exploited in ransomware attacks. ” reads the advisory. ” reads the announcement.

Ransomware 321

Ransomware Manufacturing Education Risk 321