ransomware

Pierluigi Paganini August 30, 2022
World’s largest distributors of books Baker & Taylor hit by ransomware

Baker & Taylor, one of the world’s largest distributors of books, revealed that it was hit by a ransomware attack. Baker & Taylor, one of the world’s largest distributors of books worldwide, suffered a ransomware attack on August 23. The incident impacted the company’s phone systems, offices, and service centers. On August 24, the company […]

Pierluigi Paganini August 27, 2022
Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus

Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. Threat actors abused a vulnerable anti-cheat driver, named mhyprot2.sys, for the Genshin Impact video game to disable antivirus software. According to Trend Micro, a cybercrime gang abused the driver to deploy ransomware. The driver provides anti-cheat functions, but […]

Pierluigi Paganini August 18, 2022
BlackByte ransomware v2 is out with new extortion novelties

A new version of the BlackByte ransomware appeared in the threat landscape, version 2.0 uses extortion techniques similar to LockBit ones. BlackByte ransomware Version 2.0 appeared in the threat landscape after a short break, the latest version has a new data leak site. It is interesting to note that the group introduced some novelties in the […]

Pierluigi Paganini August 12, 2022
BazarCall attacks have revolutionized ransomware operations

The Conti ransomware gang is using BazarCall phishing attacks as an initial attack vector to access targeted networks. BazarCall attack, aka call back phishing, is an attack vector that utilizes targeted phishing methodology and was first used by the Ryuk ransomware gang in 2020/2021. The BazarCall attack chain is composed of the following stages: Stage […]

Pierluigi Paganini July 20, 2022
New Luna ransomware targets Windows, Linux and ESXi systems

Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems. Luna ransomware is the third ransomware family that is written […]

Pierluigi Paganini July 11, 2022
BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands

BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. The notorious cybercriminal syndicate BlackCat competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, […]

Pierluigi Paganini July 10, 2022
French telephone operator La Poste Mobile suffered a ransomware attack

French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services.  The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services.  The company pointed out that threat actors may have accessed data of its customers, […]

Pierluigi Paganini July 09, 2022
Evolution of the LockBit Ransomware operation relies on new techniques

Experts documented the evolution of the LockBit ransomware that leverages multiple techniques to infect targets and evade detection. The Cybereason Global Security Operations Center (GSOC) Team published the Cybereason Threat Analysis Reports that investigates the threat landscape and provides recommendations to mitigate their attacks. The researchers focused on the evolution of the Lockbit ransomware, they detailed two infections occurring […]

Pierluigi Paganini July 02, 2022
A ransomware attack forced publishing giant Macmillan to shuts down its systems

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems.  The publishing giant Macmillan has been hit by a cyberattack that forced the company to shut down its IT infrastructure to prevent the threat from spreading within its network. The company spokesman Erin Coffey told different media outlets that attackers have encrypted […]

Pierluigi Paganini June 30, 2022
Korean cybersecurity agency released a free decryptor for Hive ransomware

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware, the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4. “The Korea Internet & Security Agency (KISA) is distributing […]