【News】
◆The Week in Ransomware - October 28th 2022 - Healthcare leaks (BleepingComputer, 2022/10/28)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-28th-2022-healthcare-leaks/
【Details】
■October 22, 2022 (Sat)
◆TommyLeaks and SchoolBoys: Two sides of the same ransomware gang (BleepingComputer, 2022/10/22)
https://www.bleepingcomputer.com/news/security/tommyleaks-and-schoolboys-two-sides-of-the-same-ransomware-gang/
⇒ https://malware-log.hatenablog.com/entry/2022/10/22/000000
■October 24, 2022 (Mon)
◆Cuba ransomware affiliate targets Ukrainian govt agencies (BleepingComputer, 2022/10/24 11:51)
https://www.bleepingcomputer.com/news/security/cuba-ransomware-affiliate-targets-ukrainian-govt-agencies/
⇒ https://malware-log.hatenablog.com/entry/2022/10/24/000000_2
◆Pendragon car dealer refuses $60 million LockBit ransomware demand (BleepingComputer, 2022/10/24)
https://www.bleepingcomputer.com/news/security/pendragon-car-dealer-refuses-60-million-lockbit-ransomware-demand/
⇒ https://malware-log.hatenablog.com/entry/2022/10/24/000000_3
◆New STOP ransomware variants (PCrisk(Twitter), 2022/10/24)
Ransomware: STOP
Extension: .nuis / .nury
◆New Chaos ransomware variant (PCrisk(Twitter), 2022/10/24)
Ransomware: Chaos
Extension: .eking
◆New KillNet ransomware (PCrisk(Twitter), 2022/10/24)
Ransomware: KillNet
Extension: .killnet, Ransomnote: Ru.txt
■October 25, 2022 (Tue)
◆Hive claims ransomware attack on Tata Power, begins leaking data (BleepingComputer, 2022/10/25 14:49)
https://www.bleepingcomputer.com/news/security/hive-claims-ransomware-attack-on-tata-power-begins-leaking-data/
⇒ https://malware-log.hatenablog.com/entry/2022/10/25/000000_3
◆Microsoft: Vice Society targets schools with multiple ransomware families (BleepingComputer, 2022/10/25 14:07)
https://www.bleepingcomputer.com/news/security/microsoft-vice-society-targets-schools-with-multiple-ransomware-families/
⇒ https://malware-log.hatenablog.com/entry/2022/10/25/000000_4
◆LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company (Trendmicro, 2022/10/25)
https://www.trendmicro.com/en_us/research/22/j/lv-ransomware-exploits-proxyshell-in-attack.html
⇒ https://malware-log.hatenablog.com/entry/2022/10/25/000000_5
◆New Zeppelin ransomware variant (PCrisk(Twitter), 2022/10/24)
Ransomware: Zeppelin
Extension: .bbd2.[victim's_ID], Ransomnote: ALL YOUR FILES ARE ENCRYPTED.txt
■October 26, 2022 (Wed)
◆Medibank now says hackers accessed all its customers’ personal data (BleepingComputer, 2022/10/26 10:30)
https://www.bleepingcomputer.com/news/security/medibank-now-says-hackers-accessed-all-its-customers-personal-data/
⇒ https://malware-log.hatenablog.com/entry/2022/10/26/000000_1
◆New Chaos ransomware variant (PCrisk(Twitter), 2022/10/26)
Ransomware: Chaos, CRYPTONITE
Extension: 4 random characters, Ransomnote: lisezmoi.txt
https://twitter.com/pcrisk/status/1585141019418320896
⇒ https://malware-log.hatenablog.com/entry/2022/10/26/000000_2
◆New Makop ransomware variant (PCrisk(Twitter), 2022/10/26)
Ransomware: Makop
Extension: .INT, Ransomnote: +README-WARNING+.txt
https://twitter.com/pcrisk/status/1585206639195344897
⇒ https://malware-log.hatenablog.com/entry/2022/10/26/000000_3
◆Dragos Industrial Ransomware Analysis: Q3 2022 (Dragos, 2022/10/26)
https://www.dragos.com/blog/industry-news/dragos-industrial-ransomware-analysis-q3-2022/
⇒ https://malware-log.hatenablog.com/entry/2022/10/26/000000_4
◆Indianapolis Housing Agency responds to massive system-wide ransomware attack (IndyStar, 2022/10/26)
https://www.indystar.com/story/news/local/indianapolis/2022/10/26/ransomware-indianapolis-housing-agency-section-8-system/69593974007/
⇒ https://malware-log.hatenablog.com/entry/2022/10/26/000000_5
■October 27, 2022 (Thu)
◆Australian Clinical Labs says patient data stolen in ransomware attack (BleepingComputer, 2022/10/27 14:05)
https://www.bleepingcomputer.com/news/security/australian-clinical-labs-says-patient-data-stolen-in-ransomware-attack/
⇒ https://malware-log.hatenablog.com/entry/2022/10/27/000000_1
◆Microsoft links Raspberry Robin worm to Clop ransomware attacks (BleepingComputer, 2022/10/27 15:34)
https://www.bleepingcomputer.com/news/security/microsoft-links-raspberry-robin-worm-to-clop-ransomware-attacks/
⇒ https://malware-log.hatenablog.com/entry/2022/10/27/000000_2
◆New Zeppelin ransomware variant (PCrisk, 2022/10/28)
Ransomware: Zeppelin
Extension: .vn2.1.[victim's_ID], Ransomnote: ALL YOUR FILES ARE ENCRYPTED.txt
■October 28, 2022 (Fri)
◆New STOP ransomware variants (PCrisk(Twitter), 2022/10/28)
Ransomware: STOP
Extension: .powd / .pozq
【Related summary articles】
◆The Week in Ransomware (Summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware