【ニュース】
◆The Week in Ransomware - December 17th 2021 - Enter Log4j (BleepingComputer, 2021/12/17 18:37)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-17th-2021-enter-log4j/
【関連まとめ記事】
◆The Week in Ransomware (まとめ)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware
【詳細】
■2021年12月11日 (土)
◆New STOP Ransomware variant (Jakub Kroustek(Twitter), 2021/12/11)
Ransomware: STOP
拡張子: .yjqshttps://twitter.com/JakubKroustek/status/1469820999696887809
■2021年12月13日 (月)
◆Police arrests ransomware affiliate behind high-profile attacks (BleepingComputer, 2021/12/13 07:51)
[警察がランサムウェア関連企業を逮捕!注目を集めた攻撃の背後には]
https://www.bleepingcomputer.com/news/security/police-arrests-ransomware-affiliate-behind-high-profile-attacks/
⇒ https://malware-log.hatenablog.com/entry/2021/12/13/000000_16
◆Kronos ransomware attack may cause weeks of HR solutions downtime (BleepingComputer, 2021/12/13 12:57)
[Kronos ランサムウェアの攻撃により、数週間にわたる人事ソリューションのダウンタイムが発生する可能性]Ransomware: Kronos
https://www.bleepingcomputer.com/news/security/kronos-ransomware-attack-may-cause-weeks-of-hr-solutions-downtime/
⇒ https://malware-log.hatenablog.com/entry/2021/12/13/000000_17
■2021年12月14日 (火)
◆New ransomware now being deployed in Log4Shell attacks (BleepingComputer, 2021/12/14 )
https://www.bleepingcomputer.com/news/security/new-ransomware-now-being-deployed-in-log4shell-attacks/
⇒ https://malware-log.hatenablog.com/entry/2021/12/14/000000_4
◆New White Rabbit ransomware (Michael Gillespie(Twitter), 2021/12/14)
Ransomware: White Rabbit
拡張子: .scrypt
■2021年12月15日 (水)
◆Emotet starts dropping Cobalt Strike again for faster attacks (BleepingComputer, 2021/12/15 )
[EmotetはCobalt Strikeを再び投下し、より速い攻撃を行うようになる]Malware: Emotet
https://www.bleepingcomputer.com/news/security/emotet-starts-dropping-cobalt-strike-again-for-faster-attacks/
⇒ https://malware-log.hatenablog.com/entry/2021/12/15/000000_12
◆New STOP Ransomware variant (PCrisk, 2021/12/15)
Ransomware: STOP
拡張子: .Shgv
■2021年12月16日 (木)
◆Hive ransomware enters big league with hundreds breached in four months (BleepingComputer, 2021/12/16 10:14)
[ランサムウェア「Hive」の攻撃がわずか4か月で数百件に及ぶ大規模なものとなる]Ransomware: Hive
https://www.bleepingcomputer.com/news/security/hive-ransomware-enters-big-league-with-hundreds-breached-in-four-months/
⇒ https://malware-log.hatenablog.com/entry/2021/12/16/000000_11
◆McMenamins breweries hit by a Conti ransomware attack (BleepingComputer, 2021/12/16 15:48)
[McMenamins社のビール工場がランサムウェア「Conti」の攻撃を受ける]Ransomware: Conti
https://www.bleepingcomputer.com/news/security/mcmenamins-breweries-hit-by-a-conti-ransomware-attack/
⇒ https://malware-log.hatenablog.com/entry/2021/12/16/000000_12
◆Microsoft: Khonsari ransomware hits self-hosted Minecraft servers (BleepingComputer, 2021/12/16 )
[マイクロソフト ランサムウェア「Khonsari」がセルフホスティングのMinecraftサーバを攻撃]Ransomware: Khonsari
https://www.bleepingcomputer.com/news/security/microsoft-khonsari-ransomware-hits-self-hosted-minecraft-servers/
⇒ https://malware-log.hatenablog.com/entry/2021/12/16/000000_13
◆Noberus: Technical Analysis Shows Sophistication of New Rust-based Ransomware (Symantec, 2021/12/16)
[Noberus 技術的分析が示すRustベースの新ランサムウェアの洗練度]Ransomware: BlackCat
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/noberus-blackcat-alphv-rust-ransomware
⇒ https://malware-log.hatenablog.com/entry/2021/12/16/000000_14
◆New STOP Ransomware variant (PCrisk(Twitter), 2021/12/16)
https://twitter.com/pcrisk/status/1471463383375527941
■2021年12月17日 (金)
◆Conti ransomware uses Log4j bug to hack VMware vCenter servers (BleepingComputer, 2021/12/17 10:00)
[Conti ランサムウェアは Log4j のバグを利用して VMware vCenter サーバーをハックします]Ransomware: Conti
https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/
⇒ https://malware-log.hatenablog.com/entry/2021/12/17/000000_9
◆Logistics giant warns of BEC emails following ransomware attack (BleepingComputer, 2021/12/17 11:28)
[物流大手、ランサムウェア攻撃を受けたBECメールに注意喚起]
https://www.bleepingcomputer.com/news/security/logistics-giant-warns-of-bec-emails-following-ransomware-attack/
⇒ https://malware-log.hatenablog.com/entry/2021/12/17/000000_12
◆TellYouThePass ransomware revived in Linux, Windows Log4j attacks (BleepingComputer, 2021/12/17 15:25)
[ランサムウェア「TellYouThePass」がLinuxとWindowsのLog4j攻撃で復活]Ransomware: TellYouThePass
https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-revived-in-linux-windows-log4j-attacks/
⇒ https://malware-log.hatenablog.com/entry/2021/12/17/000000_8
◆New Dharma Ransomware variant (dnwls0719(Twitter), 2021/12/17)
Ransomware: Dharma
拡張子: .C1024
