TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers


◆The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers (BleepingComputer, 2021/03/12 18:51)



◆Ransomware gang plans to call victim's business partners about attacks (BleepingComputer, 2021/03/06 12:47)

◆New Jessy Dharma ransomware variant (Jakub Kroustek(Twitter), 2021/03/06)

Ransomware: Jessy Dharma
Extension: .Jessy


◆New ROG Dharma ransomware variant (Jakub Kroustek(Twitter), 2021/03/07)

Ransomware: ROG Dharma
Extension: .ROG


◆New Sarbloh ransomware supports Indian farmers' protest (BleepingComputer, 2021/03/08 16:20)

Ransomware: Sarbloh
Extension: .sarbloh, Ransom note: README_SARBLOH.txt


◆Flagstar Bank hit by data breach exposing customer, employee data (BleepingComputer, 2021/03/08)

◆New Matrix ransomware variant (dnwls0719(Twitter), 2021/03/08)

Ransomware: Matrix
Extension: .JDPR, Ransom note: JDPR_README.rtf

◆Healthcare Providers Were Warned of a Ransomware Surge Last Fall. Some Still Aren’t Sure How Serious the Threat Was (The Record, 2021/03/08)

Late last October, when the U.S. government warned of an imminent ransomware threat to the country’s hospitals and healthcare providers, many in the industry had a similar reaction: they paused, took a deep breath, and braced for impact.


◆GandCrab ransomware affiliate arrested for phishing attacks (BleepingComputer, 2021/03/09 10:07)

A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.

◆New Bad Gopher ransomware (S!R!(Twitter), 2021/03/09)



◆Ryuk ransomware hits 700 Spanish government labor agency offices (BleepingComputer, 2021/03/10 08:35)

◆New STOP ransomware variants (Michael Gillespie(Twitter), 2021/03/10)

Ransomware: STOP Djvu
Extension: .reig / .tirp

◆DarkSide Ransomware 2.0 released (3xp0rt(Twitter), 2021/03/10)


◆Molson Coors brewing operations disrupted by cyberattack (BleepingComputer, 2021/03/11 13:12)

◆DearCry ransomware attacks Microsoft Exchange with ProxyLogon exploits (BleepingComputer, 2021/03/11 19:39)
[DearCry ransomware exploits ProxyLogon to attack Microsoft Exchange]


◆DearCry found to be targeting Exchange (Michael Gillespie(Twitter), 2021/03/11)

◆New Dharma ransomware variants (Jakub Kroustek(Twitter), 2021/03/11)

Ransomware: Dharma
Extension: .biden / .eofyd / .duk


◆New Dharma ransomware variants (Jakub Kroustek(Twitter), 2021/03/12)

Ransomware: Dharma
Extension: .LAO / .pirat

◆6,970 publicly exposed web shells on Exchange servers (Kryptos Logic(Twitter), 2021/03/12)


◆Documents and reports (summary)

◆The Week in Ransomware (summary)

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020