German users targeted with Gootkit banker or REvil ransomware

Credit to Author: Threat Intelligence Team| Date: Mon, 30 Nov 2020 16:00:55 +0000

After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.

Categories: Malware, Threat analysis

The post German users targeted with Gootkit banker or REvil ransomware appeared first on Malwarebytes Labs.

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Credit to Author: BrianKrebs| Date: Wed, 28 Oct 2020 16:58:55 +0000

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of clients globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. The company has operations in 25 countries, more than 4,000 employees, and billions in revenue annually.

This Service Helps Malware Authors Fix Flaws in their Code

Credit to Author: BrianKrebs| Date: Mon, 18 May 2020 15:31:17 +0000

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

Credit to Author: Eric Avena| Date: Tue, 28 Apr 2020 16:00:49 +0000

Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020.

The post Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk appeared first on Microsoft Security.

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do

Credit to Author: Eric Avena| Date: Wed, 01 Apr 2020 16:00:13 +0000

Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.

The post Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do appeared first on Microsoft Security.

Ransomware at IT Services Provider Synoptek

Credit to Author: BrianKrebs| Date: Sat, 28 Dec 2019 01:49:05 +0000

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible. Irvine, Calif.-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries, including state and local governments, financial services, healthcare, manufacturing, media, retail and software. The company employs nearly a thousand employees and brought in more than $100 million in revenue in the past year.

Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

Credit to Author: BrianKrebs| Date: Tue, 17 Dec 2019 02:21:23 +0000

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of acquiescing to their tormentors.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

Credit to Author: BrianKrebs| Date: Sat, 07 Dec 2019 21:17:24 +0000

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned. Multiple sources affected say their IT provider, Englewood, Colo.-based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service.
