12 matches found
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years 81 months in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Departme...
Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies
Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not be...
PT-2022-17905 · Undefined · Undefined
ParsedReport 19-12-2022 Veeam Fixes Critical Vulnerabilities in Backup & Replication Software CVE-2022-26500 & CVE-2022-26501 https://socradar.io/veeam-fixes-critical-vulnerabilities-in-backup-replication-software-cve-2022-26500-cve-2022-26501 Threats: Monti Yanluowang Empire loader CVEs:...
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti By Jambul Tologonov· November 22, 2022 Introduction On October 31, 2022, Yanluowang’s TOR site was hacked displaying a message “check and mate!! Yanluowang Matrix chat hacked @yanluowangleaks Time’s...
Vulnerabilities & Threats that Matter 08 – 14th Aug
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 563 14 3 69 08 71 For a detailed threat digest, download the pdf file here Summary The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of whi...
Cisco Confirms Network Breach After Employee’s Google Account was Hacked
By Deeba Ahmed Cisco has confirmed that its security was successfully breached by Yanluowang Ransomware Gang in May 2022. Networking giant… This is a post from HackRead.com Read the original post: Cisco Confirms Network Breach After Employees Google Account was Hacked...
Who is behind the Cisco attack?
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Cisco has revealed that they have faced a breach carried out by threat actors, the UNC2447, the Lapsus$, and the Yanluowang ransomware gang. They stole around 2.8 GB of data, which included non-disclosure...
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser. "Initial access to the Cisco VPN was achieved via the successful...
Cisco Confirms Network Breach Via Hacked Employee Google Account
Cisco Systems revealed details of a May hack by the Yanluowang ransomware group that leveraged a compromised employee’s Google account. The networking giant is calling the attack a “potential compromise” in a Wednesday post by the company’s own Cisco Talos threat research arm. “During the...
How to recover files encrypted by Yanluowang
Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this...
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management...
Yanluowang Ransomware Tied to Thieflock Threat Actor
A threat actor previously tied to the Thieflock ransomware operation may now be using the emerging Yanluowang ransomware in a series of attacks against U.S. corporations, researchers have found. Researchers from Symantec, a division of Broadcom Software, found ties between Thieflock and Yanluowan...