Heimdal
Latest Articles

Tag: ransomware

Cybersecurity News | INTERMEDIATE READ

Recent Ransomware Attacks

A List of Companies Affected by Ransomware [Updated 2023]

Ransomware | INTERMEDIATE READ

Locking Out Cybercriminals: Here's How to Prevent Ransomware Attacks

13 Actionable Steps to Prevent Ransomware Attacks.

Ransomware | INTERMEDIATE READ

Locky Ransomware 101: Everything You Need to Know

How Locky Ransomware Works and How to Stay Safe from It. Detection, Decryption and Safety Tips for Locky Ransomware.

Cybersecurity News | QUICK READ

Professional Finance Company Inc. (PFC) Became Victim of a Ransomware Attack

The Attack Resulted in Data Breach that Affected Over 600 Healthcare Businesses.

Cybersecurity News | QUICK READ

Fake Copyright Emails Used to Deploy LockBit Ransomware

LockBit Ransomware Affiliates Are Using Social Engineering to Propagate the Malware.

Cybersecurity News | QUICK READ

Security Breach at Flagstar Bank Affects 1.5 Million Clients

Cybercriminals Acquired Access to 1.5 Million Flagstar Bank Customers’ Personal Information.

Cybersecurity News | QUICK READ

Chaes Banking Trojan Wreaks Havoc Online

The Malware Is Apparently Making Use of Malicious Chrome Extensions.

Cybersecurity News | QUICK READ

QNAP Devices Targeted in Ransomware Attack

DeadBolt Ransomware Is Encrypting QNAP NAS Systems All Around the World.

Cybersecurity News | QUICK READ

Qlocker Ransomware Is Apparently Back in Business

The Ransomware Targets QNAP NAS Devices Worldwide.

Cybersecurity News | QUICK READ

TellYouThePass Ransomware Returns as a Cross-Platform Golang Threat

Malicious Actors Made Code Changes that Make It Easier to Build for Systems Other than Windows.

Cybersecurity News | QUICK READ

Ransomware Attack Suffered by FinalSite Shuts Down Thousands of Websites

The Website Service Provider Has Been the Victim of an Attack that Disrupted Access to Websites for Thousands of Schools Worldwide.

Cybersecurity News | QUICK READ

New Ransomware Family Deployed in Log4Shell Attacks

Malicious Actors Are Trying to Deploy a Ransomware Family Dubbed Khonsari.

Cybersecurity Basics | QUICK READ

The Ransomware Attack Suffered by Kronos May Cause Weeks of Downtime

It Seems that the Threat Actors Were Able to Infiltrate Kronos’ Systems and Encrypted Servers.

Cybersecurity News | QUICK READ

ALPHV BlackCat, a New Ransomware

The Ransomware Operation Comes with a Highly-Customizable Feature Set that Allows Attackers to Target a Wide a Large Number of Corporate Environments.

Cybersecurity News | QUICK READ

Former Ubiquiti Employee Charged with Data Theft

The Former Developer Was Charged for Trying to Extort Ubiquity.

Cybersecurity News | QUICK READ

Who Is Behind the Comeback of Emotet?

Conti Ransomware Gang Seems to Be Responsible for Emotet’s Rebirth.

Cybersecurity News | QUICK READ

A New Europol Report Says That High Profile Targets Were the Focus of Ransomware Groups

Hackers Targeted in the Past Year Big Companies and Government Institutions.

Cybersecurity News | QUICK READ

Magniber Ransomware Shifts Attention Now to Internet Explorer Vulnerabilities

The Known Ransomware Group Has Changed Its focus, Exploiting Now IE Flaws.

Cybersecurity News | QUICK READ

Clop Ransomware Exploits SolarWinds Serv-U Flaw

The Clop Ransomware Gang Is Exploiting the Vulnerability in Attacks.

Cybersecurity News | QUICK READ

A Tough Week for REvil Ransomware

Ransomware Group Affiliates Arrested. $10 million Bounty for the Whereabouts of the Group’s Leaders.

Cybersecurity News | QUICK READ

Data Breach Hits UK Labour Party

Details Belonging to Its Members Were Disclosed Following a Ransomware Attack.

Cybersecurity News | QUICK READ

BlackMatter Ransomware to Shut Down Its Operations

The Ransomware Group Claims to Be Shutting Down Due to Police Pressure.

Cybersecurity News | QUICK READ

HelloKitty Ransomware Adds New Extortion Tactics

Distributed Denial-of-service (DDoS) Attacks Were Added to the Malicious Actors’ Arsenal.

Cybersecurity News | QUICK READ

Minecraft Alt Lists Used by Chaos Ransomware

 The Ransomware Gang Encrypts Gamers’ Windows Devices Using Fake Minecraft Alt Lists.

Cybersecurity News | QUICK READ

NRA Presumably Attacked by Grief Ransomware

The National Rifle Association Has Not Commented Upon the Malicious Actor’s Claims.

Cybersecurity News | QUICK READ

Ransomware Dubbed Ranzy Locker Has Affected No Less Than 30 US Companies in 2021, FBI Reports

The Federal Bureau of Investigation Released a Report Illustrating the Ranzy Locker’s Effect Throughout This Year.

Cybersecurity News | QUICK READ

$5.2 Billion Worth of Bitcoin Transactions Related to Ransomware

The Outgoing Bitcoin Transactions Have Been Found to Be Likely Linked to the Top 10 Most Commonly Reported Ransomware Reports.

Cybersecurity News | QUICK READ

Senior Officials Join the U.S. in an Anti-Ransomware Initiative

Following the White House’s Counter-Ransomware Initiative Event, Many States Agreed to Fight For Crypto Payments Channels Disruption.

Cybersecurity News | QUICK READ

REvil Ransomware’s Tor Sites Were Hijacked

It Seems Like the Ransomware Operation Has Shut Down Again.

Cybersecurity News | QUICK READ

Yanluowang Ransomware Targets Enterprise Entities

Ransomware Strains: a Never-Ending Game.

Cybersecurity News | QUICK READ

University of Sunderland Faced Operation Issues Following a Cyber-attack

The UK University Had Taken Most of Its IT Systems Down. 

Cybersecurity News | QUICK READ

Cox Media Group Ransomware Attack Confirmed

The Attack Took Down the Live TV and Radio Broadcast Streams.

Cybersecurity News | QUICK READ

New Ransomware Dubbed Atom Silo Targets Confluence Servers

The New Ransomware Group Is Targeting a Recently Patched and Actively Exploited Confluence Server.

Cybersecurity News | QUICK READ

Sandhills Shut Down by Ransomware Attack

The Website for Sandhills Global and All Their Hosted Publications Went Offline.

Cybersecurity News | QUICK READ

A Backdoor Was Added by the REvil Ransomware Developers in an Attempt to Cheat Affiliates

It Looks Like the Operators Have Left Their Partners Out of the Deal and Stole the Entire Ransom.

Cybersecurity News | QUICK READ

A Critical VMware Bug Found in the Default vCenter

The Customers Should Immediately Patch a Critical Arbitrary File Upload Vulnerability Discovered in the Analytics Service.

Cybersecurity News | QUICK READ

Alleged TrickBot Developer Arrested

A Russian That Presumably Worked for the TrickBot Malware Gang Was Recently Arrested in South Korea.

Ransomware | QUICK READ

What Are Ransomware Operators Looking For?

Security Researchers Have Recently Revealed the Profile of the Ideal Ransomware Victim.

Cybersecurity News | QUICK READ

LockBit Leaked Data Belonging to Bangkok Airways

Bangkok Airways Confirmed Being a Victim of a Cyberattack that Compromised Personal Data of Passengers.

Cybersecurity News | QUICK READ

Ransomware Attacks Happening More on Holidays and Weekends

FBI and CISA Are Urging Organizations to Make Sure They Have Good Defense Capabilities in Place.

Forensics and threat hunting | QUICK READ

DeepBlueMagic Ransomware Strain Discovered by Heimdal™ - New Ransomware, New Method

DeepBlueMagic, the New Ransomware on the Horizon. How the Strain Works.

Cybersecurity News | QUICK READ

Accenture Confirms Ransomware Attack

The Threat Actors Have Allegedly Gained Databases of Over 6TB and Are Demanding A $50M Ransom.

Cybersecurity News | QUICK READ

Australia Faces an Increase in LockBit Ransomware Attacks

A Warning Related to an Increase in LockBit 2.0 Attacks Targeting Australian Organizations Was Recently Issued.

Cybersecurity News | QUICK READ

Conti Affiliate Leaks the Attack Playbook of the Ransomware Gang

An Unhappy Conti Affiliate Leaked the Gang’s Training Material about the Way in which They Are Conducting Attacks.

Cybersecurity News | QUICK READ

Newly Discovered Cobalt Strike Bugs Could Allow the Takedown of Attackers’ Servers

The Vulnerabilities Allow the Blocking of the Beacon Command-and-control (C2) Communication Channels and New Deployments.

Cybersecurity News | QUICK READ

ERG Energy Group Reports Minor Disruption Following Cyberattack

The Wind Power Giant Confirmed All Its Plants Are Operating Smoothly and Have Not Experienced Any Downtime.

Cybersecurity News | QUICK READ

FBI Finds Over 100 Active Ransomware Variants

The Agency Warns That Ransomware Can Paralyze Organizations, and the Cost to Rebuild an Encrypted Network Can Be Catastrophic for Small and Medium-Sized Businesses and Municipalities.

Cybersecurity News | QUICK READ

DoppelPaymer Gets a Rebranding

DoppelPaymer Ransomware Operation Is Now Going by the Name Grief (a.k.a. Pay or Grief).

Cybersecurity News | QUICK READ

LockBit Ransomware Is Now Encrypting Windows Domains

It Seems That LockBit 2.0 Ransomware Automates the Encryption of a Windows Domain by Using the Active Directory Group Policies.

Cybersecurity News | QUICK READ

Forefront Dermatology Data Breach Affects 2.4 Million Patients

A New Cyberattack Now Targets the Forefront Dermatology S.C. Wisconsin-based Company. Patients’ Credentials Stolen and Many More.

Cybersecurity News | QUICK READ

The HelloKitty Ransomware Linux Version Targets VMware ESXi Servers

The Ransomware Gang Uses a Linux Variant That Targets VMware’s ESXi Virtual Machine Platform.

Cybersecurity News | QUICK READ

Social Security Numbers Exposed Following Tulsa Ransomware Attack

The Social Security Numbers Were Included in Online Police Reports Submitted Between January 1st, 2015 – May 6th, 2021.

Cybersecurity News | QUICK READ

White House Announces Ransomware Task Force

In the Past Seven Months, the Surge of Ransomware Attacks Has Shut Down Large Sectors of the American Economy, with Threat Actors Taking Advantage of Poorly Implemented Security Measures.

Cybersecurity News | QUICK READ

Ransomware Campaign Poses a Threat to EOL 8.x Firmware: SonicWall Security Notification Released

New SonicWall Security Notification Points Out to a Ransomware Risk that Targets Secure Mobile Access (SMA) 100 Series and Secure Remote Access (SRA) Devices.

Cybersecurity News | QUICK READ

A 'Potential Ransomware Pandemic' Must Be Prevented, Interpol Urges

Police Agencies and Industry Partners are Urged to Join Forces in Preventing What May Become a Future Ransomware Pandemic.

Cybersecurity News | QUICK READ

Swiss Consumer Outlet Comparis Hit with Ransomware Attack

A $400,000 Ransom Was Demanded to Restore the Company’s Systems.

Cybersecurity News | QUICK READ

The Victims of REvil Ransomware Attack Are Refusing to Pay the Ransom

Kaseya Ransomware Attack Victims are Refusing to Pay After Realizing the REvil Attack Was Flawed.

Cybersecurity News | QUICK READ

A Fake Kaseya Security Update Is 'Backdooring' Networks Using Cobalt Strike

The Malicious Actors Are Pushing Cobalt Strike Payloads Disguised as Kaseya VSA Security Updates.

Cybersecurity News | QUICK READ

Officials Confirm No Data Have Been Compromised in the Wiregrass Electric Cooperative Attack

The Incident Comes in the Wake of Numerous Ransomware Attacks That Have Shut Down Large Sectors of the American Economy.

Cybersecurity News | QUICK READ

Is Diavol Ransomware Connected to Wizard Spider?

As Diavol Ransomware Is New on the Threat Landscape Researchers Weren’t Sure Where it Would Fit.

Cybersecurity News | QUICK READ

Sensitive Data Might Have Been Subject to Public Exposure Following Ransomware Attack

An Washington State Department of Labor and Industries’ File Shared with PMR Containing Customer Sensitive Data Was Targeted by a Ransomware Attack.

Cybersecurity News | QUICK READ

WSSC Water Hit with Ransomware Attack

The U.S. Water Company Is Currently Investigating A Ransomware Attack That Affected Non-Essential Business Systems in May.

Cybersecurity News | QUICK READ

Coop Supermarket Had to Close 500 Stores Following the Kaseya Ransomware Attack

The Swedish Supermarket Chain Closed 500 Stores After Falling Victims to the Latest REvil Ransomware Attack.

Cybersecurity News | QUICK READ

Diavol Ransomware, a New Ransomware in the Cybersecurity Landscape 

A New Ransomware Strain Dubbed as Diavol Might Be Linked to Wizard Spider, the Cybercrime Group Behind the Trickbot Botnet.

Cybersecurity News | QUICK READ

Ransomware Gangs Are Using New Recruitment Strategies

The Criminal Groups Are Now Using Their Websites in Order to Recruit Affiliates.

Cybersecurity News | QUICK READ

Conti Ransomware Leaks Police Citations and Forces the City of Tulsa to Issue a Data Breach Warning

Tulsa Suffered a Ransomware Attack Leading to the City Shutting Down its Network in Order to Prevent the Spread of the Malware.

Cybersecurity News | QUICK READ

A Massive Data Breach Hit Carnival Cruise

The Largest Ship Operator Issued a Data Misuse Risk Warning.

Cybersecurity News | QUICK READ

The Source Code of Paradise Ransomware Released on a Hacking Forum

Paradise Ransomware Is a RaaS Typically Delivered Through a Malicious Zip Attachment in Phishing Emails.

Cybersecurity News | QUICK READ

G7 Demands Russia to Hedge Against Domestic Ransomware Gangs

On Sunday, G7 Leaders Urged Russia Take Action Against Threat Actors Conducting Cyberattacks and Using Ransomware from Within Its Borders.

Cybersecurity News | QUICK READ

Ransomware Attack Hits Foodservice Distributor Edward Don

The Attack Forced the Company to Shut Down Some of Its Operations to Prevent the Infection’s Spread.

Cybersecurity News | QUICK READ

Gaming Giant Electronic Arts Got Breached

Hackers Breached the Network of Gaming Giant Electronic Arts (EA) and Claimed to Have Stolen Over 750 GB of Data, Which Includes Game Source Code and Debug Tools

Cybersecurity News | QUICK READ

A New Ransomware Group Claims it Breached Over 30 Organizations

Prometheus Ransomware, An Emerging Ransomware Operation Declared to Have Breached a Large Number of Companies.

Cybersecurity News | QUICK READ

Ragnar Locker Ransomware Hits Electronics Maker ADATA

The Threat Actors Claim They Have Stolen 1.5TB Of Sensitive Data from the Company’s Network Before Deploying the Ransomware Payloads.

Cybersecurity News | QUICK READ

Ransomware Attacks to Be Treated with Similar Priority as Terrorism, DOJ Announces

According to the Wall Street Journal, the Recent Wave of Ransomware Attacks Was Similar to What the U.S. Faced After 9/11.

Cybersecurity News | QUICK READ

Colonial Pipeline Ransomware Lures Are Used in Phishing Attacks

The Ransomware Attack on Colonial Pipeline Helped a Threat Actor to Create a New Phishing Lure Able to Trick Victims Into Downloading Malicious Files.

Cybersecurity News | QUICK READ

New Evil Corp Ransomware Bypasses OFAC Sanctions by Mimicking PayloadBin Gang

PayloadBIN Has Been Linked to the Evil Corp Cybercrime Gang Who Uses It to Avoid Sanctions Imposed by the Treasury Department’s Office of Foreign Assets Control.

Cybersecurity News | QUICK READ

Scripps Health Is Notifying Patients Regarding a Data Breach After a Ransomware Attack

The Nonprofit Healthcare Provider Suffered a Data Breach That Left Exposed Patient Information After Suffering a Ransomware Attack.

Cybersecurity News | QUICK READ

The Largest Ferry Service from Massachusetts Was Hit by a Ransomware Attack

The Steamship Authority Was hit by a Ransomware Attack Which Led to Ticketing and Reservation Disruptions.

Cybersecurity News | QUICK READ

Epsilon Red Ransomware Goes After Unpatched Microsoft Exchange Servers

Ransomware Threat Red Epsilon Has Been Leveraging Microsoft Exchange Server Vulnerabilities to Encrypt Machines Across the Network.

Cybersecurity News | QUICK READ

Agrius Iranian Hacking Group Targets Israel

The Iranian hacking Group Has Been Observed Disguising Attacks Against Israeli Targets as Ransomware Attacks.

Cybersecurity News | QUICK READ

Bose Disclosed Having a Data Breach

Bose Corporation Revealed that a Data Breach Hit the Company’s Systems in Early March.

Cybersecurity News | QUICK READ

CNA Financial Reportedly Paid a $40 Million Ransom

CNA Financial Had Reportedly Agreed to Pay the $40 Million Ransom to Restore Access to Its Systems Following a Ransomware Attack.

Cybersecurity News | QUICK READ

MountLocker Ransomware Is Now Using the Windows API

The Ransomware Operation Uses Enterprise Windows Active Directory APIs to Worm Through Networks.

Cybersecurity News | QUICK READ

FBI: Victims Lost $4.2 Billion to Cybercriminals in 2020

The FBI’s Internet Crime Complaint Center (IC3) Has Observed A Significant Increase in Cybercrime Complaints Over the Past Five Years.

Cybersecurity News | QUICK READ

Darkside Ransomware Operations Have Shut Down After Reports of Their Servers Being Seized

Darkside Ransomware Operations Have Allegedly Been Shut Down After a Server Take Over.

Cybersecurity News | QUICK READ

Avaddon Ransomware Hits Insurance Giant AXA

The French Insurer Revealed That One of Its Asian Subsidiaries Was Hit by A Ransomware Attack Over the Weekend, After Dropping Support for Ransom Payments.

Cybersecurity Basics | QUICK READ

Finastra Ransomware Attack

An In-Depth Look at the Situation. How Did Finastra Survive the Attack Without Paying?

Cybersecurity News | QUICK READ

Everything You Need to Know About the WestRock Ransomware Attack

Stages and Data to Date. How Attacks on Operational Technology Became the Next Cyber Boundary.

Cybersecurity Basics | QUICK READ

Blackbaud Ransomware Attack 101

How the Attack Affected a Large Number of Industries. What do You need to Know About It?

Advanced malware researches | INTERMEDIATE READ

MegaCortex Ransomware: The Cyber-Threat Looming Over Corporate Networks

MegaCortex Ransomware Has Been Targeting Businesses Since January 2019. Learn How to Protect Your Enterprise from It.

Ransomware | INTERMEDIATE READ

WannaCry Ransomware Explained

How one of the most dangerous ransomware outbursts happened. Key lessons organizations should learn.

Security alerts | QUICK READ

Security Alert: Malvertising campaign using SundownEK drops SEON ransomware

Here’s what happened and how you can protect yourself

Security alerts | QUICK READ

Security Alert: Booking.Com Fake Emails Infect Computers with Sodinokibi Ransomware

Opening attachments will download and run a dangerous GandCrab strain

Heimdal XDR logo

One Platform. Total Security.

Experience the Power of Heimdal XDR the Unified Security Platform that Delivers Comprehensive Protection against Next-gen Threats