
      Ransomware: why the gangs are not about to stop

      Nelly Lesage · news.movim.eu / Numerama · Wednesday, 3 February, 2021 - 11:53

    Chainalysis traced on the blockchain the cryptocurrency flows of ransoms paid to cybercriminals. Its finding is frightening: the record amount is only a low estimate of what the criminals have likely collected. [Read more]


      Police Have Disrupted the Emotet Botnet

      Bruce Schneier · news.movim.eu / Schneier · Thursday, 28 January, 2021 - 16:09 · 1 minute

    A coordinated effort has captured the command-and-control servers of the Emotet botnet:

    Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are regularly altered to provide the best chance of luring victims into opening emails and installing malware - regular themes include invoices, shipping notices and information about COVID-19.

    Those behind the Emotet lease their army of infected machines out to other cyber criminals as a gateway for additional malware attacks, including remote access tools (RATs) and ransomware.

    […]

    A week of action by law enforcement agencies around the world gained control of Emotet’s infrastructure of hundreds of servers around the world and disrupted it from the inside.

    Machines infected by Emotet are now directed to infrastructure controlled by law enforcement, meaning cyber criminals can no longer exploit machines compromised and the malware can no longer spread to new targets, something which will cause significant disruption to cyber-criminal operations.

    […]

    The Emotet takedown is the result of over two years of coordinated work by law enforcement operations around the world, including the Dutch National Police, Germany’s Federal Crime Police, France’s National Police, the Lithuanian Criminal Police Bureau, the Royal Canadian Mounted Police, the US Federal Bureau of Investigation, the UK’s National Crime Agency, and the National Police of Ukraine.


      Capcom confirms at least 16,000 people affected by Nov. data breach

      Kyle Orland · news.movim.eu / ArsTechnica · Tuesday, 12 January, 2021 - 16:19


    Back in November, Capcom announced that personal data for up to 350,000 people may have been revealed by a "customized ransomware attack" on its systems. Today, the company announced that the number has grown to 390,000 potential victims, including over 16,000 confirmed to have had their information compromised.

    The group of 16,415 people whose personal data was definitely taken is primarily made up of Capcom business partners and current and former employees, who had their name, email address, and other contact information revealed.

    Capcom is also now confirming earlier suspicions that company information, including "sales reports, financial information, game development documents, [and] other information related to business partners," was taken during the attack. Documents matching that description have been circulating around certain corners of the Internet since November.


      Ransomware: Bitdefender disarms the Darkside cybercriminal gang with a free tool

      Julien Cadot · news.movim.eu / Numerama · Tuesday, 12 January, 2021 - 11:12

    Bitdefender has released a free tool to break the encryption of the Darkside ransomware. It thereby disarms the cybercriminal gang, which could quickly be forced to cease its activities if it is unable to rapidly develop another encryption code. [Read more]


      2020 had its share of memorable hacks and breaches. Here are the top 10

      Dan Goodin · news.movim.eu / ArsTechnica · Monday, 28 December, 2020 - 12:46


    2020 was a tough year for a lot of reasons, not least of which were breaches and hacks that visited pain on end users, customers, and the organizations that were targeted. The ransomware menace dominated headlines, with an endless stream of compromises hitting schools, governments, and private companies as criminals demanded ransoms in the millions of dollars. There was a steady stream of data breaches as well. Several mass account takeovers made appearances, too.

    What follows are some of the highlights. For good measure, we’re also throwing in a couple notable hacks that, while not actively used in the wild, were impressive beyond measure or pushed the boundaries of security.

    The SolarWinds hack

    2020 saved the most devastating breach for last. Hackers that multiple public officials say are backed by the Russian government started by compromising the software distribution system of SolarWinds, the maker of network monitoring software that tens of thousands of organizations use. The hackers then used their position to deliver a backdoored update to about 18,000 customers. From there, the hackers had the ability to steal, destroy, or modify data on the networks of any of those customers.


      Ransomware gangs are phoning victims who ignore them

      Marie Turcan · news.movim.eu / Numerama · Monday, 7 December, 2020 - 11:21

    Cybercriminals continue to develop their methods of pressuring victims at a frightening pace. After threats of leaks, now comes cold calling... [Read more]


      Egregor has its ransom demand printed by its victims' machines

      Nelly Lesage · news.movim.eu / Numerama · Monday, 16 November, 2020 - 14:10

    Ransomware encrypts data, ransomware steals and publishes data, and now ransomware prints its ransom notes on its victims' photocopiers. [Read more]


      Android ransomware has picked up some ominous new tricks

      WIRED · news.movim.eu / ArsTechnica · Saturday, 10 October, 2020 - 10:16


    Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can't tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, there's another burgeoning platform for ransomware as well: Android phones. And new research from Microsoft shows that criminal hackers are investing time and resources in refining their mobile ransomware tools—a sign that their attacks are generating payouts.

    Released on Thursday, the findings, which were detected using Microsoft Defender on mobile, look at a variant of a known Android ransomware family that has added some clever tricks. That includes a new ransom note delivery mechanism, improved techniques to avoid detection, and even a machine learning component that could be used to fine-tune the attack for different victims' devices. While mobile ransomware has been around since at least 2014 and still isn't a ubiquitous threat, it could be poised to take a bigger leap.


      Russian tourist offered employee $1 million to cripple Tesla with malware

      Dan Goodin · news.movim.eu / ArsTechnica · Friday, 28 August, 2020 - 02:12


    Tesla’s Nevada Gigafactory was the target of a concerted plot to cripple the company’s network with malware, CEO Elon Musk confirmed on Thursday afternoon.

    The plan's outline was divulged on Tuesday in a criminal complaint that accused a Russian man of offering $1 million to the employee of a Nevada company, identified only as “Company A,” in exchange for the employee infecting the company’s network. The employee reported the offer to Tesla and later worked with the FBI in a sting that involved him covertly recording face-to-face meetings discussing the proposal.

    “The purpose of the conspiracy was to recruit an employee of a company to surreptitiously transmit malware provided by the coconspirators into the company’s computer system, exfiltrate data from the company’s network, and threaten to disclose the data online unless the company paid the coconspirators’ ransom demand,” prosecutors wrote in the complaint.
