0 Persons are tagged with #ransomware

#ransomware

anonymiss@despora.de
anonymiss

15 #cybercrime statistics you ought to know

source: https://www.independent.co.uk/advisor/vpn/cybercrime-statistics

It’s a battle for individuals and smaller companies just as much as it is for big organisations; as the digital space is expanding and as #AI is impacting our everyday lives, hackers are getting more inventive every day. And, if you’re not convinced that cybercrime is going to be an issue in your life, the statistics below will change your mind.

With the security quality of our software, the internet is only running because it is more profitable for cybercriminals to keep the internet running for ramsonware attacks.

#security #cybersecurity #digital #internet #ransomware #future #economy #news #technology #software #problem #finance #money #costs #crime

2 Likes
1 Comments
4 Likes
One person like that
One person like that
1 Comments
4 Likes
16 Comments
One person like that
One person like that
2 Likes
tresronours@parlote.facil.services
Alexandre

PetSmart warns of Active Password Cracking Attacks

PetSmart, Inc. is a renowned retail chain operating in the United States, Canada, and Puerto Rico.

It offers a comprehensive range of pet products and services such as pet supplies, grooming, training, and in-store adoptions.

PetSmart prides itself on being a trusted partner to pet parents and a dedicated advocate for pets’ well-being.

PetSmart has issued a warning regarding an uptick in password-guessing attempts on their website.

The pet retail giant reassures that there has been no breach of their systems, but the increased activity has prompted them to take precautionary measures.

Security Measures in Place

PetSmart’s vigilant security tools detected the unusual activity, which led to the company’s decision to deactivate the passwords of potentially affected accounts.

@import url(‘https://fonts.googleapis.com/css2?family=Poppins&display=swap’); @import url(‘https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap’); *{ margin: 0; padding: 0; text-decoration: none; } .container{ font-family: roboto, sans-serif; width: 90%; border: 1px solid lightgrey; padding: 20px; background: linear-gradient(2deg,#E0EAF1 100%,#BBD2E0 100%); margin: 20px auto ; border-radius: 40px 10px; box-shadow: 5px 5px 5px #e2ebff; } .container:hover{ box-shadow: 10px 10px 5px #e2ebff; } .container .title{ color: #015689; font-size: 22px; font-weight: bolder; } .container .title{ text-shadow: 1px 1px 1px lightgrey; } .container .title:after { width: 50px; height: 2px; content: ‘ ‘; position: absolute; background-color: #015689; margin: 20px 8px; } .container h2{ line-height: 40px; margin: 2px 0; font-weight: bolder; } .container a{ color: #170d51; } .container p{ font-size: 18px; line-height: 30px; } .container button{ padding: 15px; background-color: #4469f5; border-radius: 10px; border: none; background-color: #00456e ; font-size: 16px; font-weight: bold; margin-top: 5px; } .container button:hover{ box-shadow: 1px 1px 15px #015689; transition: all 0.2S linear; } .container button a{ color: white; } hr{ / display: none; / } Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely

  • Set up virtual machine in Linux and all Windows OS versions

  • Work in a team

  • Get detailed reports with maximum data

If you want to test all these features now with completely free access to the sandbox: ..

Analyze malware in ANY.RUN for free

Customers will need to reset their passwords the next time they attempt to log in to petsmart.com.

The company has provided straightforward instructions for password reset:

users can click the “forgot password” link on the login page or directly navigate to www.petsmart.com/account/ to initiate the process.

A Call for Stronger Password Hygiene

The PetSmart Data Security Team emphasizes the importance of robust password practices in the face of persistent threats from online fraudsters.

These malicious actors are known to obtain usernames and passwords and test them across various platforms, including those like PetSmart’s.

According to a recent tweet by Dark Web Informer, PetSmart has notified its customers about a security breach in its system via email.

.

[

@PetSmart

](https://twitter.com/PetSmart?ref_src=twsrc%5Etfw)

sent out the following email.

[

#Ransomware

](https://twitter.com/hashtag/Ransomware?src=hash&ref_src=twsrc%5Etfw)

[

#DarkWebInformer

](https://twitter.com/hashtag/DarkWebInformer?src=hash&ref_src=twsrc%5Etfw)

[

#Cybersecurity

](https://twitter.com/hashtag/Cybersecurity?src=hash&ref_src=twsrc%5Etfw)

[

#Cyberattack

](https://twitter.com/hashtag/Cyberattack?src=hash&ref_src=twsrc%5Etfw)

[

#Cybercrime

](https://twitter.com/hashtag/Cybercrime?src=hash&ref_src=twsrc%5Etfw)

[

#PetSmart

](https://twitter.com/hashtag/PetSmart?src=hash&ref_src=twsrc%5Etfw)

[

pic.twitter.com/Rib9SHtcaD

](https://t.co/Rib9SHtcaD)

— Dark Web Informer (@DarkWebInformer)

[

March 6, 2024

](https://twitter.com/DarkWebInformer/status/1765476096760262942?ref_src=twsrc%5Etfw)

To combat this, the retailer advises customers to create strong, unique passwords for their accounts and to update them several times a year.

The use of different passwords for separate important accounts is also strongly recommended.

Understanding the inconvenience this may cause to their patrons, PetSmart extends its customer service support for any questions or concerns arising from this issue.

Customers can reach out via email at customercare@petsmart.com.

Maintaining Vigilance

PetSmart’s prompt response to the detected password-cracking attempts is part of its ongoing commitment to customer data security.

The company’s efforts to communicate with its customers about the potential risks and the steps being taken to mitigate them reflect an industry-wide push towards greater transparency and proactive security measures in the digital age.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

The post PetSmart warns of Active Password Cracking Attacks appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder

anonymiss@despora.de
anonymiss

Hackers Behind the Change #Healthcare #Ransomware #Attack Just Received a $22 Million Payment

Source: https://www.wired.com/story/alphv-change-healthcare-ransomware-payment/

I wonder if this is not the breaking point of our system? When well-educated people prefer to develop ransomware instead of working for the common good because the system doesn't offer them better prospects.

#technology #news #security #cybercrime #internet #society #system #question #capitalism #future #problem #economy #finance #hack #Hackers #money

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

2 Likes
1 Comments
leshoshin@diasporasocial.net
leshoshin

#ransomware

According to a recent report by Coveware, less than 30% of the victims paid a ransom in the last quarter of 2023, marking a new record low compared to the 85% recorded in 2019.

One person like that
leshoshin@diasporasocial.net
leshoshin

#ransomware #quote

VINCENT BONNAL

Ransomware enthusiasts find themselves in a predicament. Lately, their predatory tactic of extorting money through the use of malicious software is becoming less effective. Indeed, victims are no longer submitting and refusing to pay.

aktionfsa@diasp.eu
Aktion Freiheit statt

02.01.2024 Zwei Beispiele von Hacks

"Create2"-Funktion von Ethereum missbraucht

Nicht nur das Gesundheitssystem weist in seiner Software Lücken und Fehler auf, auch Banksoftware ist nicht perfekt. Das gilt erst recht für diejenige von Kryptowährungen. Böswillige Akteure haben die "Create2"-Funktion von Ethereum missbraucht, um Sicherheitswarnungen für Wallets zu umgehen und Kryptowährungsadressen zu verändern. Die Folge davon war, der Diebstahl von Kryptowährungen im Wert von 60.000.000 US-Dollar von 99.000 Personen in den letzten 6 Monaten.

Create2 ist ein Code in Ethereum, der das Erstellen von Smart Contracts auf der Blockchain ermöglicht. Eigentlich handelt es sich um ein leistungsstarkes Tool für Ethereum-Entwickler, das fortschrittliche und flexible Vertragsinteraktionen, eine parameterbasierte Vorabberechnung der Vertragsadresse, Flexibilität bei der Bereitstellung sowie die Eignung für Off-Chain-Transaktionen ermöglicht.

Gelingt es Angreifern jedoch die Sicherheitswarnungen der Wallet zu unterdrücken, bzw. zu umgehen, so kann ein Opfer eine böswillige Transaktion unterzeichnen. Dann setzt der Angreifer einen Vertrag an der vorberechneten Adresse ein und überträgt die Vermögenswerte des Opfers dorthin. Shit happens!

Royal ransomware asked 350 victims to pay $275 million

Auch die zweite verlinkte Meldung zeigt ein Beispiel, wo durch unsichere Netzwerke Angreifer Zugriff auf wertvolle Daten bekommen. In diesem Fall handelt es sich sogar um Gesundheitsdaten, allerdings Institutionen des Department of Health and Human Services (HHS) in den USA. FBI und die CISA haben in einer gemeinsamen Mitteilung bekannt gegeben, dass die Royal Ransomware-Bande seit September 2022 in die Netzwerke von mindestens 350 Organisationen weltweit eingedrungen ist.

Danach haben sie mit Ransomware-Operationen, also der Verschlüsselung oder Entführung von Datenbeständen Lösegeldforderungen in Höhe von mehr als 275 Millionen US-Dollar erhoben. Die Forderungen reichen im Eizelfall von 250.000 Dollar bis zu mehreren Millionen Dollar.

Den Behörden in den USA ist es bisher nicht gelungen die Akteure der Angriffe zu enttarnen. Sie konnten jedoch an den Angriffsmustern erkennen, dass um den Jahreswechsel 22/23 ein "Rebranding" stattgefunden haben muss. Während sie anfangs Ransomware-Verschlüsselungsprogramme von anderen Unternehmen wie ALPHV/BlackCat verwendeten, ist die Bande inzwischen dazu übergegangen, eigene Tools einzusetzen. Neuerdings wurde die Malware aktualisiert, um auch Linux-Geräte bei Angriffen auf virtuelle VMware ESXi-Maschinen zu verschlüsseln.

Das Interesse der Hacker an Linux beweist, dass gerade in der Serverlandschaft inzwischen auch bei Unternehmen vermehrt Linux an Stelle von Windows-Servern eingesetzt wird. Das ist gut für Open Source, beweist aber auch, dass auch Linux nicht unfehlbar ist. Der Artikel verweist aber auch daruf, dass oft bei diesen Angriffen der menschliche Faktor den entscheidenden Fehler begeht, in dem Pishing Mails als Einfallstor genutzt werden.

Mehr dazu bei https://www.bleepingcomputer.com/news/security/fbi-royal-ransomware-asked-350-victims-to-pay-275-million/
und https://www.bleepingcomputer.com/news/security/ethereum-feature-abused-to-steal-60-million-from-99k-victims/
Kategorie[21]: Unsere Themen in der Presse Short-Link dieser Seite: a-fsa.de/d/3yc
Link zu dieser Seite: https://www.aktion-freiheitstattangst.org/de/articles/8638-20240102-zwei-beispiele-von-hacks.html
Link im Tor-Netzwerk: http://a6pdp5vmmw4zm5tifrc3qo2pyz7mvnk4zzimpesnckvzinubzmioddad.onion/de/articles/8638-20240102-zwei-beispiele-von-hacks.html
Tags: #Cyberwar #Hacking #Trojaner #Verbraucherdatenschutz #Datenschutz #Datensicherheit #Fatenpannen #Pishing #Ransomware #Etherum #Kryptowährung #Gesundheitsdaten #Erpressung #eHealth

3 Likes
5 Likes
12 Comments
tresronours@parlote.facil.services
Alexandre

Toyota Financial Hack Claimed by Medusa Ransomware

The biggest manufacturer of automobiles, Toyota, has discovered unauthorized activity on systems in a few of its Europe & African services.

The ‘Medusa ransomware gang allegedly took data from Toyota Financial Services.’ The group offered the business ten days to provide the $8 million ransom.

Despite being a relatively new threat actor, the Medusa ransomware gang has already established a reputation for using aggressive tactics. The gang has aimed at numerous establishments, including businesses, governmental bodies, and medical service providers.

If victims refuse to pay the ransom, the Medusa ransomware gang has previously threatened to reveal stolen content, including sensitive information. After victims have paid the ransom, the gang has, in certain instances, even released the stolen data.

The Gang Released Sample Data on Its Leak Site

The Medusa gang made claims on their leak site today, November 16, including screenshots of multiple documents confirming the hack’s authenticity and listed stolen sample data.

The files contain several spreadsheets, financial documents, staff email addresses, and scans of a Serbian passport. One document, in particular, contains un-hashed account passwords and usernames for several types of production and development environments, and much more were all included.

A ransomware group claims to have accessed a vast amount of sensitive data from Germany’s Toyota Financial Services.

“Toyota Motor Corporation is a Japanese multinational automotive manufacturer headquartered in Toyota City, Aichi, Japan,” Medusa’s leak site said.

“Toyota is one of the largest automobile manufacturers in the world, producing about 10 million vehicles per year. The leaked data is from Toyota Financial Services in Germany. Toyota Deutschland GmbH is an affiliated company held by Toyota Motor Europe (TME) in Brussels/Belgium and located in Köln (Cologne).”

Toyota you may want to take a look.

[

@Toyota

](https://twitter.com/Toyota?ref_src=twsrc%5Etfw)

[

@ToyotaFinancial

](https://twitter.com/ToyotaFinancial?ref_src=twsrc%5Etfw)

[

#Ransomware

](https://twitter.com/hashtag/Ransomware?src=hash&ref_src=twsrc%5Etfw)

[

https://t.co/TgNmvdyloC

](https://t.co/TgNmvdyloC)

[

pic.twitter.com/PYrDnErG7d

](https://t.co/PYrDnErG7d)

— Dominic Alvieri (@AlvieriD)

[

November 16, 2023

](https://twitter.com/AlvieriD/status/1725024589049143458?ref_src=twsrc%5Etfw)

The leak site features a countdown to the full data release date of November 26, which is in ten days. The gang will extend the deadline by one day for US$10,000.

The company took a few systems offline to look into this activity and lower risk. They have also started collaborating with law enforcement. They have begun getting their systems back online in the majority of countries.

“We are working diligently to get systems back online as soon as possible and we regret any inconvenience caused to our customers and business partners. As of now, this incident is limited to Toyota Financial Services Europe & Africa”, the company said.

Cybersecurity analyst Kevin Beaumont pointed out that Toyota systems that are reachable online are susceptible to the “Citrix Bleed” vulnerability, which was disclosed late last month and has already impacted numerous major businesses and government agencies.

[

https://t.co/vV3COH9UHV

](https://t.co/vV3COH9UHV)

[

pic.twitter.com/GuCN9W0nIo

](https://t.co/GuCN9W0nIo)

— Kevin Beaumont (@GossiTheDog)

[

November 16, 2023

](https://twitter.com/GossiTheDog/status/1725203676203995606?ref_src=twsrc%5Etfw)

Over the past three years, the automaker has had to cope with several cybersecurity breaches. One major one that was revealed in May involved the exposure of data on over 2 million Japanese automobiles for more than ten years.

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.

The post Toyota Financial Hack Claimed by Medusa Ransomware appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder

One person like that