Sodinokibi – Page 5 – WindowsTechs.com

MedusaLocker Leaves No Network Drive Safe

Posted on March 12, 2020 by Tomas Meskauskas

As it stands, ransomware is the cybersecurity problem that refuses to disappear. What started as malware specifically targeting home users is now targeting government departments and enterprise organizations. Not even Fortune 500 companies are safe fr… Continue reading MedusaLocker Leaves No Network Drive Safe→

New Treacherous Tricks of Ransomware Authors

Posted on March 2, 2020 by David Balaban

Ransomware operators are giving their sketchy repertoire an overhaul. These attacks used to be about unauthorized data encryption and now they are adding data theft to the mix. As a result, not only do the criminals hold the victims’ files for ransom,… Continue reading New Treacherous Tricks of Ransomware Authors→

Cyber Security Roundup for February 2020

Posted on February 2, 2020 by SecurityExpert

A roundup of UK focused cyber and information security news stories, blog posts, reports and threat intelligence from the previous calendar month, January 2020.After years of dither and delay the UK government finally nailed its colours to the mast, no… Continue reading Cyber Security Roundup for February 2020→

Sodinokibi Ransomware Group Sponsors Hacking Contest

Posted on January 31, 2020 by Tara Seals

Larger winnings for underground skills competitions are attracting sophisticated crime groups. Continue reading Sodinokibi Ransomware Group Sponsors Hacking Contest→

ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates

Posted on January 24, 2020 by Lindsey O'Donnell

Ransomware actors are turning their sights on larger enterprises, making both average cost and downtime inflicted from attacks skyrocket. Continue reading ThreatList: Ransomware Costs Double in Q4, Sodinokibi Dominates→

Travelex says ransomware recovery is underway two weeks after global blackout

Posted on January 13, 2020 by Jeff Stone

The financial exchange Travelex said Monday it has restored some of its digital capabilities for foreign currency trades, nearly two weeks after a ransomware attack forced staff to rely on pens and paper. Travelex said its making “good progress” in its recovery from a security incident that, on Dec. 31, forced the company to suspend online services, including its app and internal email systems. Ransomware attackers used a malicious software strain called Sodinokibi, or REvil, reportedly to demand a fee of $6 million (£4.6 million) to release the affected data. Now, Travelex said, it is restoring internal processes and issuing refunds to customers “where appropriate,” according to Reuters. Hackers previously told the computer security blog Bleeping Computer they were in negotiations with Travelex about the ransom payment. Travelex did not respond to a request for comment from CyberScoop Monday. The company, a subsidiary of United Arab Emirates-based Finablr, operates 1,200 locations […]

The post Travelex says ransomware recovery is underway two weeks after global blackout appeared first on CyberScoop.

Continue reading Travelex says ransomware recovery is underway two weeks after global blackout→

REvil ransomware exploiting VPN flaws made public last April

Posted on January 8, 2020 by John E Dunn

Researchers report flaws, vendors issue patches, organisations apply them – and everyone lives happily ever after. Right? Wrong! Continue reading REvil ransomware exploiting VPN flaws made public last April→

Sodinokibi ransomware plagues Travelex currency exchange as investigation continues: report

Posted on January 7, 2020 by Jeff Stone

A days-long ransomware attack against Travelex has forced the British currency exchange to suspend many of its online operations as the United Kingdom’s Metropolitan police investigate the incident. The company said on Dec. 31 it would suspend all of its online services, including its app and internal email systems, to mitigate a cyberattack it detected that day. Two days later, Travelex contacted the Metropolitan police, seeking help to resolve the situation. Normal operations hadn’t been restored, the BBC reported Tuesday, with hackers reportedly demanding a $6 million ransom (£4.6 million) to unlock the affected data. Travelex did not respond to a request for comment Tuesday. The firm’s website was still offline at press time, citing planned maintenance. “The company’s network of branches continues to provide foreign exchange services manually,” the firm said in a Jan. 2 tweet. Travelex, a subsidiary of United Arab Emirates-based Finablr, operates 1,200 locations in 70 […]

The post Sodinokibi ransomware plagues Travelex currency exchange as investigation continues: report appeared first on CyberScoop.

Continue reading Sodinokibi ransomware plagues Travelex currency exchange as investigation continues: report→

Sodinokibi Ransomware Behind Travelex Fiasco: Report

Posted on January 7, 2020 by Tara Seals

Researchers suspect the cybercriminals attacked using an unpatched critical vulnerability in the company’s seven Pulse Secure VPN servers. Continue reading Sodinokibi Ransomware Behind Travelex Fiasco: Report→

Ransomware at IT Services Provider Synoptek

Posted on December 28, 2019 by BrianKrebs

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. The company has reportedly paid a ransom demand in a bid to restore operations as quickly as possible.

Irvine, Calif.-based Synoptek is a managed service provider that maintains a variety of cloud-based services for more than 1,100 customers across a broad spectrum of industries, including state and local governments, financial services, healthcare, manufacturing, media, retail and software. The company employs nearly a thousand employees and brought in more than $100 million in revenue in the past year. Continue reading Ransomware at IT Services Provider Synoptek→