Memento Ransomware
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software. The group became active…
Posted inSql
Malwareless Ransomware pwned database
A “malwareless” ransomware campaign delivered from UK IP addresses targeting weak security controls around internet-facing SQL servers successfully pwned 83,000 victims, according to Israeli infosec biz Guardicore. “The attack chain…
Egregor hits Randstand & Vancouver Metro
Egregor is a new organized cybercrime ransomware-as-a-service operation that partners with affiliates to compromise networks and deploy their ransomware. The ransomware gang began operating in the middle of September 2020…
Posted inBotnet cybersecurity Data Breaches
Qakbot 🐎 ->Prolock ☠️-> Egregor 👹
Group-IB discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. ProLock = Egregor The analysis of attacks where Egregor has been deployed revealed that the TTPs used…
Egregor strikes printers
The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers. Ransomware gangs know that many businesses would…
Netwalker… Made a brief walk on Argentina border ⛔
Argentina’s immigration agency, Dirección Nacional de Migraciones (DNM), was the victim of a ransomware attack that temporarily halted border crossings, with hackers demanding $4 million in Bitcoin. The attack was…