Of particular interest is the Air Forward attack as it was done by the new Hades ransomware operation that began operating last month and has been busy racking up victims.
This week’s other big news is the law enforcement takedown of the Safe-Inet and Insorg VPN and proxy services known for catering to cybercriminal activity.
According to Europol, threat actors using these services included ransomware operations, skimming attacks, and more.
“Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime,” Europol stated in a press release about the operation.
Contributors and those who provided new ransomware information and stories this week include @FourOctets, @PolarToffee, @DanielGallagher, @malwrhunterteam, @LawrenceAbrams, @struppigel, @fwosar, @VK_Intel, @jorntvdw, @serghei, @demonslay335, @malwareforme, @Ionut_Ilascu, @Seifreed, @BleepinComputer, @AhnLab_SecuInfo, @chum1ng0, @siri_urz, @Kangxiaopao, @Jirehlov, @fbgwls245, @M_Shahpasandi, and @S2Wlab.
M. Shahpasandi found a new ransomware called ANCrypted.
Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices.
Trucking and freight logistics company Forward Air has suffered a ransomware attack by a new ransomware gang that has impacted the company’s business operations.
Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service
The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations — is today launching a new Ransomware Task Force (RTF) to tackle this increasingly prevalent and destructive type of cybercrime. The RTF’s founding members understand that ransomware is too large of a threat for any one entity to address, and have come together to provide clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.
S!ri discovered the BlackMamba 2.0 ransomware.
S!ri discovered a new ransomware called cuteRansomware.
Since September 23, 2019, CVE-2019-1367 vulnerability, which the developer of Magniber used for distribution, stopped operating in the systems with emergency security patch (Version 1903) applied. In response, the developer changed the latest vulnerability to CVE-2020-0968, expanding the infection target range. On top of this occurrence, CVE-2020-0968 security patch (distributed on April 15, 2020) cannot be applied to Windows 7 as it is no longer supported as of January 14, 2020. For better understanding of the changes, see figures below which are the comparisons between the codes before the change (including POC) and the those after the change.
Law enforcement agencies around the world in a coordinated effort took down and seized the infrastructure supporting Safe-Inet and Insorg VPN and proxy services known for catering to cybercriminal activity.
MalwareHunterTeam found a new v316 Jigsaw variant that pretends to be a ProtonVPN installer.
S2W LAB publishes weekly reports of the Ransomware activities that took place at Dark Web. Report includes summary of victimized firms, Top 5 targeted countries and industrial sectors, status of dark web forum posts by ransomware operator, etc.
Also Read: How To Prevent WhatsApp Hack: 7 Best Practices
Sangoma disclosed a data breach after files were stolen during a recent Conti ransomware attack and published online.
xiaopao discovered the LOL ransomware that appends the .jcrypt extension to encrypted files.
xiaopao discovered a new ransomware called RansomeToad that appends the .rtcrypted extension.
xiaopao found a new Dharma ransomware variant that appends the .21btc extension to encrypted files.
xiaopao found a new ransomware called BlueEagle that appends the ..MaxSteel.Saher Blue Eagle extension.
Amigo-A found a new STOP ransomware variant that appends the .igal extension.
MalwareHunterTeam found a new ransomware that appends the .HaHaHaHaHaHaHaHa extension to encrypted files.
Jirehlov Solace found a new ransomware that appends the .mijnal extension and drops a ransom note named OpenTheTorBrouser.html.
Jirehlov Solace found a new ransomware named PThree that appends the .16x extension to encrypted files.
Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices.
dnwls0719 found a new ransomware that appends the .lockedv1 extension and drops a ransom note named READMEV1.txt.
The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.
