You searched for Sodinokibi | SC Media
Skip to navigation Skip to main content

Your search for Sodinokibi returned 20 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Your search for Sodinokibi returned 20 results

Sort Results:

Relevant Recent
Malware, Ransomware, Security News

Report suggests GandCrab’s developers may have created Sodinokibi ransomware

By
Publish Date
Evidence is reportedly mounting that the recently discovered ransomware program known as Sodinokibi was created by the same developers who introduced GandCrab ransomware. Last month, GandCrab’s developers publicly disclosed that they were retiring after raking in roughly $2 billion in extortion payments. But this announcement may have been misleading at best, according to security researcher…
Cybercrime, Phishing, Ransomware, Security News

Sodinokibi ransomware campaigns span growing array of attack vectors

By
Publish Date
Since its discovery of Sodinokibi ransomware last April, cybercriminals have reportedly been attempting to infect networks with the malicious encryption program through a growing number of vectors, including supply chain attacks, spam, and malvertisements that redirect victims to an exploit kit. Sodinokibi encrypts data found in the user directory and prevents data recovery by leveraging…
Cybercrime, Malware, Ransomware, Security News, Vulnerabilities

New Sodinokibi ransomware delivered via Oracle WebLogic vulnerability

By
Publish Date
A remotely exploitable vulnerability in the Oracle WebLogic Server is currently the attack vector of choice for malicious actors to deliver a newly discovered ransomware called Sodinokibi. Sokinokibi encrypts data found in the user directory and leverages the Microsoft Windows vssadmin.exe utility to delete any “shadow copies” (created by default back-up mechanisms) in order to…
Cybercrime, Data Breach, Data leakage prevention (DLP), Ransomware, Security News

Nemty ransomware makers may be latest to adopt data leak strategy

By
Publish Date
Following in the footsteps of Maze and Sodinokibi, it appears the makers another malicious encryption program plans to adopt the tactic of publishing data that’s been exfiltrated from targets. According to a BleepingComputer report, Nemty ransomware developers posted on a news feed in its affiliate panel that it intends to create a website where they…
Cybercrime, Health Care, Ransomware, Security News

Report: Dental practices feel the pain of ransomware attack on IT provider

By
Publish Date
More than 100 dentist offices have reportedly been affected by a recent Sodinokibi ransomware attack on a Colorado-based company that provides IT services to the oral-care practices. Security expert Brian Krebs reported this past weekend via his blog post that Englewood, Colo.-based Complete Technology Solutions (CTS), was attacked back on Nov. 25, apparently via a compromised remote…
data center
Ransomware, Security News

Data center provider CyrusOne hit with REvil ransomware: Report

By
Publish Date
One day after news broke that data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware the company issued a statement confirming the incident. Initially, CyrusOne did not release any details, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note…
Ransomware, Security News

Dentist offices nationwide hit with REvil ransomware attacks

By
Publish Date
Dental practices across the country found themselves locked out of their patient files after a hacker group infected a pair of software providers with REvil, or Sodinokibi, ransomware. The two companies, The Digital Dental Record and PerCSoft, which created DDS safe to provide medical records retention and backup services to dental offices, ponied up the…
Locky Ransomware
Cybercrime, Finance, Ransomware, Security News

Sodinokibi ransomware ID’d as cause of Travelex business disruptions

By
Publish Date
The malware that has disrupted foreign exchange finance company Travelex’s ability to conduct digital transactions since New Year’s Eve has been identified as Sodinokibi ransomware. The malicious encryption software, which operates on a Ransomware-as-a-Service model, may have been delivered via unpatched, vulnerable Pulse Secure VPN servers and it is believed that the attackers are now…
Ransomware, Security News

Ransom payments averaging $41,000 per incident

By
Publish Date
The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own negating the need to pay the ransom. However, that was not…
Monero crypto-currency (Cryptonic.net)
Cryptocurrency, Cybercrime, Malware, Security News, Vulnerabilities

Adversaries exploit WebLogic bug to deliver cryptominer, use .cer files for obfuscation

By
Publish Date
Cybercriminals have been using a recently discovered critical vulnerability in the Oracle WebLogic server to deliver a Monero cryptomining program, while using certificate files to obfuscate malicious code. Caused by a deserialization error, the flaw, CVE-2019-2725, was patched in an April 26 out-of-band security update. The SANS ISC InfoSec forums originally hosted reports of malicious actors exploiting…
Next post in Cybercrime