You searched for Sodinokibi | SC Media

Your search for Sodinokibi returned 17 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Your search for Sodinokibi returned 17 results

Sort Results:

Relevant Recent
Malware, Ransomware, Security News

Report suggests GandCrab’s developers may have created Sodinokibi ransomware

Evidence is reportedly mounting that the recently discovered ransomware program known as Sodinokibi was created by the same developers who introduced GandCrab ransomware. Last month, GandCrab’s developers publicly disclosed that they were retiring after raking in roughly $2 billion in extortion payments. But this announcement may have been misleading at best, according to security researcher…
Cybercrime, Phishing, Ransomware, Security News

Sodinokibi ransomware campaigns span growing array of attack vectors

Since its discovery of Sodinokibi ransomware last April, cybercriminals have reportedly been attempting to infect networks with the malicious encryption program through a growing number of vectors, including supply chain attacks, spam, and malvertisements that redirect victims to an exploit kit. Sodinokibi encrypts data found in the user directory and prevents data recovery by leveraging…
Cybercrime, Data Breach, Data leakage prevention (DLP), Ransomware, Security News

Nemty ransomware makers may be latest to adopt data leak strategy

Following in the footsteps of Maze and Sodinokibi, it appears the makers another malicious encryption program plans to adopt the tactic of publishing data that’s been exfiltrated from targets. According to a BleepingComputer report, Nemty ransomware developers posted on a news feed in its affiliate panel that it intends to create a website where they…
Cybercrime, Malware, Ransomware, Security News, Vulnerabilities

New Sodinokibi ransomware delivered via Oracle WebLogic vulnerability

A remotely exploitable vulnerability in the Oracle WebLogic Server is currently the attack vector of choice for malicious actors to deliver a newly discovered ransomware called Sodinokibi. Sokinokibi encrypts data found in the user directory and leverages the Microsoft Windows vssadmin.exe utility to delete any “shadow copies” (created by default back-up mechanisms) in order to…
Cybercrime, Health Care, Ransomware, Security News

Report: Dental practices feel the pain of ransomware attack on IT provider

More than 100 dentist offices have reportedly been affected by a recent Sodinokibi ransomware attack on a Colorado-based company that provides IT services to the oral-care practices. Security expert Brian Krebs reported this past weekend via his blog post that Englewood, Colo.-based Complete Technology Solutions (CTS), was attacked back on Nov. 25, apparently via a compromised remote…
data center
Ransomware, Security News

Data center provider CyrusOne hit with REvil ransomware: Report

One day after news broke that data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware the company issued a statement confirming the incident. Initially, CyrusOne did not release any details, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note…
Ransomware, Security News

Dentist offices nationwide hit with REvil ransomware attacks

Dental practices across the country found themselves locked out of their patient files after a hacker group infected a pair of software providers with REvil, or Sodinokibi, ransomware. The two companies, The Digital Dental Record and PerCSoft, which created DDS safe to provide medical records retention and backup services to dental offices, ponied up the…
Locky Ransomware
Cybercrime, Finance, Ransomware, Security News

Sodinokibi ransomware ID’d as cause of Travelex business disruptions

The malware that has disrupted foreign exchange finance company Travelex’s ability to conduct digital transactions since New Year’s Eve has been identified as Sodinokibi ransomware. The malicious encryption software, which operates on a Ransomware-as-a-Service model, may have been delivered via unpatched, vulnerable Pulse Secure VPN servers and it is believed that the attackers are now…
Ransomware, Security News

Ransom payments averaging $41,000 per incident

The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own negating the need to pay the ransom. However, that was not…
Cybercrime, Data Breach, Network Security, Ransomware, Security News, Vulnerabilities

Citrix fixes bug used in ransomware attacks; Auto maker GEDIA falls victim to exploit

Citrix over the last six days has been releasing firmware updates to fix CVE-2019-19781, a critical remote code execution vulnerability in its Citrix Application Delivery Controller, Citrix Gateway and SD-WAN WANOP products, which cybercriminals have actively exploited in an attempt to deliver ransomware, backdoors and coin miners. The Fort Lauderdale, Fla.-based software company has now…
Next post in Vulnerabilities