Ransomware – Page 46 – PossibleThreat Articles

Red Cross Hack Linked to Iranian Influence Operation?

February 16, 2022 0 Comments Data Breaches, FBI, fireeye, icrc hack, international committee for the red cross, kela, kelvinmiddelkoop@hotmail.com, Ne'er-Do-Well News, RaidForums, Ransomware, red cross and red crescent movement, restoring family links, sheriff, threat_actor, unindicted

Credit to Author: BrianKrebs| Date: Wed, 16 Feb 2022 16:44:19 +0000

A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran.

Independent Krebs Security

Wazawaka Goes Waka Waka

February 14, 2022 0 Comments #babuk, A Little Sunshine, babuk ransomware, biba99, boriselcin, Cisco Talos, cve-2021-20028, dmitry smilyanets, groove ransom, mikhail pavlovich matveev, Ne'er-Do-Well News, orange, RaidForums, ramp, Ransomware, sonicwall vpn, teresacox19963@gmail.com, tox, verified, washington metropolitan police department, wazawaka

Credit to Author: BrianKrebs| Date: Mon, 14 Feb 2022 18:22:38 +0000

In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month’s story, we explored clues that led from Wazawaka’s multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “Orange,” the founder of the ransomware-focused Dark Web forum known as “RAMP.”

MalwareBytes Security

CISA Ransomware report warns “triple threat” attacks still on the prowl

February 14, 2022 0 Comments cisa, malware, organisation, Ransomware, triple threat

Credit to Author: Christopher Boyd| Date: Mon, 14 Feb 2022 18:20:00 +0000

We take a look at one of the most interesting aspects of the recently released CISA ransomware report: the triple threat.

Categories: Ransomware

Tags: cisa malware organisation ransomware triple threat

MalwareBytes Security

Ransomware gang hits 49ers’ network before Super Bowl kick off

February 14, 2022 0 Comments 2fa, 49ers, blackbyte ransomware, FBI, proxyshell, proxyshell vulnerability, raas, Ransomware, Ransomware as a Service, san franciso 49ers, two-factor authentication

Credit to Author: Jovi Umawing| Date: Mon, 14 Feb 2022 15:52:18 +0000

Just hours before the Super Bowl Sunday kick off, the San Francisco 49ers confirmed it was the victim of a ransomware attack.

Categories: Ransomware

Tags: 2fa 49ers BlackByte ransomware fbi proxyshell ProxyShell vulnerability raas ransomware ransomware-as-a-service San Franciso 49ers two-factor authentication

MalwareBytes Security

“We absolutely do not care about you”: Sugar ransomware targets individuals

February 8, 2022 0 Comments cl0p, cl0p ransomware, encoded01, encoded01 ransomware, marcelo rivero, peter antonov, Ransomware, revil, revil ransomware, scop encryption algorithm, simeon maltchev, stream cipher, sugar ransomware

Credit to Author: Jovi Umawing| Date: Tue, 08 Feb 2022 14:04:51 +0000

They call it Sugar ransomware, but it’s not sweet in any way.

Categories: Ransomware

Tags: Cl0p Cl0P ransomware Encoded01 Encoded01 ransomware Marcelo Rivero Peter Antonov ransomware revil REvil ransomware SCOP encryption algorithm Simeon Maltchev stream cipher Sugar ransomware

MalwareBytes Security

A week in security (January 24 – 30)

February 2, 2022 0 Comments A week in security, deadbolt, qnap, Ransomware

Credit to Author: Malwarebytes Labs| Date: Mon, 31 Jan 2022 10:52:27 +0000

The most important and interesting security stories from the last seven days.

Categories: A week in security

Tags: deadbolt qnap ransomware

(Read more…)

The post A week in security (January 24 – 30) appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated]QNAP update stops Deadbolt ransomware, annoys some users, starts debate

February 2, 2022 0 Comments deadbolt, forced update, icsci, NAS, qnap, Ransomware

Credit to Author: Pieter Arntz| Date: Fri, 28 Jan 2022 16:32:41 +0000

After several warnings to their user and thousands of victims, QNAP pushed out a forced update to their NAS devices.

Categories: Ransomware

Tags: deadbolt forced update icsci nas qnap ransomware

MalwareBytes Security

Ransomware gangs are recruiting breached individuals to persuade companies to pay up

February 2, 2022 0 Comments cisa, dark web, exfiltrated data, identity protection, Insider Threat, lockbit, Ransomware, school district

Credit to Author: Pieter Arntz| Date: Thu, 27 Jan 2022 12:17:12 +0000

Ransomware attackers are starting to reach out to individuals whose data they have compromised in a breach, asking them to help get the compromised company to pay up.

Categories: Ransomware

Tags: cisa Dark Web exfiltrated data identity protection insider threat lockbit ransomware school district