yaracroft @venom@nanao.cybtex.fr

Dozens of #US hospitals and clinics in West Virginia and Ohio are canceling surgeries and diverting ambulances following a #ransomware attack that has knocked out staff access to IT systems across virtually all of their operations #health #santé

https://arstechnica.com/gadgets/2021/08/hospitals-hamstrung-by-ransomware-are-turning-away-patients/

#Japan's Tokio Marine (tokiomarinehd.com), which has a U.S. division and offers a #cyber #insurance product, is the latest insurer to be victimized by #ransomware

https://www.cyberscoop.com/tokio-marine-ryan-specialty-group-ransomware-cyber-insurance/

Une partie des systèmes informatiques du Groupe Pallas Kliniken AG (pallas-kliniken.ch) impactée par une attaque #informatique de type #ransomware. Spécialisées dans la chirurgie des yeux et esthétique, ces cliniques privées disposent d'une vingtaine d'implantations en #Suisse et réalisent chaque année plus de 120000 interventions #health #medical #santé

https://www.swissinfo.ch/fre/les-cliniques-pallas-victimes-d-une-cyberattaque/46871336

Nota do Ministério da Economia (Brasil) - Foi identificado na noite de sexta-feira (13/8) um ataque de #ransomware à rede interna da Secretaria do Tesouro Nacional. As medidas de contenção foram imediatamente aplicadas e a Polícia Federal, acionada #brazil

https://www.gov.br/economia/pt-br/canais_atendimento/imprensa/notas-a-imprensa/2021/agosto/nota-do-ministerio-da-economia

DeepBlueMagic #ransomware

https://heimdalsecurity.com/blog/new-ransomware-method-deepbluemagic-strain/

#LockBit 2.0 #Ransomware

https://blogs.blackberry.com/en/2021/08/threat-spotlight-lockbit-2-0-ransomware-takes-on-top-consulting-firm

Atera agent as #backdoor - The idea behind this tactic is to leveraging a legitimate remote management agent Atera to survive possible Cobalt Strike detections from the endpoint detection and response platform #conti #ransomware

https://www.advanced-intel.com/post/secret-backdoor-behind-conti-ransomware-operation-introducing-atera-agent

CVE-2021-34527 (PrintNightmare) weaponized by Magniber #ransomware gang in attacks against South Korea #vuln #windows

https://therecord.media/printnightmare-vulnerability-weaponized-by-magniber-ransomware-gang/

Les systèmes informatiques et téléphoniques de la papetière F.F. Soucy, Inc. (ffsoucy.com) située à Rivière-du-Loup (Québec) impactés par une attaque informatique perpétrée dans la nuit du mardi 10 aout 2021. Complètement paralysée, la papetière n'a d'autre choix que d'interrompre sa production #canada #ransomware

https://cimtchau.ca/nouvelles/piratage-informatique-lentreprise-louperivoise-f-f-soucy-victime-dune-cyberattaque/

A hacker group said it had hacked IT consulting firm Accenture using #LockBit #ransomware and will release data in several hours #informatique #cyber #threats

https://www.reuters.com/article/accenture-ransomware-idUSL4N2PI3KD

An under-construction #malware called Chaos has been spotted, which is being advertised on an underground forum as being available for testing. While it calls itself #ransomware, an analysis revealed that it’s actually more of a #wiper #threats

https://www.trendmicro.com/en_us/research/21/h/chaos-ransomware-a-dangerous-proof-of-concept.html

City Manager Nick Edwards announced Thursday that the city's insurer paid an unknown person $320,000 to keep sensitive information from being exposed. Joplin officials say the city's computer system was shut down last month by a #ransomware attack #cities

https://www.komu.com/news/state/joplin-city-computer-shutdown-was-ransomware-attack/article_804e424f-5b94-5964-a797-8184229e7102.html

Taiwanese computer hardware vendor GIGABYTE has suffered a ransomware attack. Hackers are currently threatening to release more than 112 GB of business data on the dark web unless the company agrees to their ransom demands. The #ransomware attack on GIGABYTE's Taiwan headquarters is the latest in a long list of ransomware attacks that have hit Taiwan's tech sector over the past few years. Previous victims include Acer, AdvanTech, Compal, Quanta, Garmin #informatique #threats

https://therecord.media/motherboard-vendor-gigabyte-hit-by-ransomexx-ransomware-gang/

Les contribuables de la ville de Chalon-sur-Saône (chalon.fr) ont dû débourser 550 000 euros à la suite de l'attaque #informatique de février 2021 #france #cities #ransomware

https://www.usine-digitale.fr/article/la-ville-de-chalon-sur-saone-debourse-550-000-euros-a-la-suite-d-une-cyberattaque.N1130364

Contrairement à ce qu'avait affirmé Comparis (comparis.ch), l'entreprise a payé une rançon après avoir subi une attaque #informatique. Son attitude inquiète alors que ces piratages se multiplient en #Suisse et dans le monde #ransomware

https://www.letemps.ch/economie/comparis-joue-verite-apres-piratage-massif

#Italie : le portail de la région de Rome (regione.lazio.it) paralysé depuis plus de vingt-quatre heures suite à une attaque #informatique avec #ransomware

https://www.lesechos.fr/tech-medias/hightech/italie-le-site-de-la-region-de-rome-pris-pour-cible-par-un-ransomware-1336465

Socoplan, géant de la cosmétique, installé à Saint-Jean-de-Thouars, est victime d'une attaque #informatique depuis une semaine. « On ne mesure pas encore l'ampleur des conséquences » #france #ransomware

https://www.lanouvellerepublique.fr/deux-sevres/commune/saint-jean-de-thouars/thouars-la-societe-socoplan-touchee-par-une-cyberattaque

Chatter Indicates BlackMatter as #Darkside, #REvil Successor - On July 19, 2021, a threat actor operating under the alias « BlackMatter » registered an account on the high-tier Russian-language illicit forums XSS and Exploit. The actor deposited 4 BTC (~$150,000 USD) into their escrow account. Large deposits on the forum indicate the seriousness of the threat actor. On July 21, 2021, the threat actor posted a notice on the forums, stating they are looking to purchase access to infected corporate networks in the #US, #Canada, #Australia, and the #UK (Five Eyes), presumably for #ransomware operations. The threat actor said they are looking for larger #corporate networks with revenues of over US $100 million. #cyber #threats

https://www.flashpoint-intel.com/blog/chatter-indicates-blackmatter-as-revil-successor/

Les systèmes informatiques de la Ville de Thessalonique (thessaloniki.gr), deuxième ville la plus peuplée de Grèce, perturbés suite à une attaque informatique par #ransomware perpétrée dans la nuit du vendredi 23 juillet 2021 #greece #cities

https://www.thenationalherald.com/archive_general_news_greece/arthro/cyberattack_shuts_down_services_in_greece_s_second_largest_city-2960445/

In Q2 2021, we saw the disappearance of a few different ransomware operations. It is difficult to identify whether the groups simply went into hiding, were arrested, rebranded, or are now operating with a different #ransomware group. The previous three months saw a few groups call it quits including #Avaddon, #Babuk Locker, #DarkSide, and #Astro Locker ransomware groups. In Q2 2021 alone, this included 740 different victims as being named to the various active data leak sites. This is a 47% increase when compared to the same activity identified in Q1 2021.

https://www.digitalshadows.com/blog-and-research/q2-2021-ransomware-roll-up/