Krebs on Security

NOVEMBER 10, 2020

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. On the evening of Monday, Nov. ”

Ransomware 349

Ransomware IT Security 349

Data Breach Today

AUGUST 5, 2022

Also: BEC Attack Headaches and Inside the Nomad Bridge Hack In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.

Ransomware 260

Ransomware Information Security Government Security 260

Data Breach Today

AUGUST 25, 2022

The latest edition of the ISMG Security Report discusses how ransomware-as-a-service groups are shifting their business models, how investigators battling cybercrime have been hindered by GDPR, and how employees consider workplace "choice" a key factor for job satisfaction.

Ransomware 245

Ransomware GDPR Security 245

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. ” GAP #1. 22, 2020, the U.S.

Ransomware 264

Ransomware Government Security IT 264

Data Breach Today

DECEMBER 19, 2023

Ransomware Group Declares Nothing Off Limits Outside of CIS Countries The BlackCat ransomware as service operation's putative "unseizing" of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Monday.

Ransomware 312

Ransomware Security IT 312

Data Breach Today

JULY 30, 2020

Kaspersky Discovers 2 Incidents Involving VHD Ransomware The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky.

Ransomware 281

Ransomware Security 281

Data Breach Today

OCTOBER 26, 2023

Ransomware Groups Listed 514 Victims in Total on Their Data Leak Sites Last Month The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report.

Ransomware 311

Ransomware Security 311

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufacturing, media and entertainment, and healthcare.

Ransomware 103

Ransomware Manufacturing Access Security 103

Data Breach Today

MARCH 22, 2023

BianLian Follows in Karakurt's Footsteps by Moving Away From Crypto-Locking Malware Not all ransomware groups wield crypto-locking malware. After security researchers released a free decryptor for its malware, instead of encrypting files, the group chose to steal them and demand ransom solely for their safe return.

Ransomware 167

Ransomware Encryption Security IT 167

Data Breach Today

SEPTEMBER 25, 2023

2,050 Organizations Affected After Data Stolen From Secure File-Sharing Software The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week.

Data breaches 312

Data breaches Ransomware Security IT 312

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. This prompted several XSS members to start posting memes taunting the group about the security failure.

Ransomware 266

Ransomware Encryption Insurance Manufacturing 266

Data Breach Today

FEBRUARY 2, 2024

Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.

Ransomware 268

Ransomware Cloud Security 268

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. Gb AWACS software - 13 Gb.esm files - 1.9

Ransomware 107

Ransomware Manufacturing Insurance Cybersecurity 107

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The victim shaming website for the Snatch ransomware gang. top , sntech2ch[.]top top , dwhyj2[.]top

Ransomware 244

Ransomware Phishing Access Authentication 244

Data Breach Today

SEPTEMBER 13, 2023

Alphv/BlackCat Group Reportedly Hit Casino Operator via Social Engineering Attack Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied (..)

Ransomware 327

Ransomware Cybersecurity Security 327

Data Breach Today

MARCH 3, 2021

Sygnia Researchers Say Hackers Using Their MATA Framework to Deliver Malware The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware using its MATA malware framework, security firm Sygnia reports.

Ransomware 223

Ransomware Security IT 223

Krebs on Security

DECEMBER 19, 2023

Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The latter group was responsible for the Colonial Pipeline attack in May 2021 that caused nationwide fuel shortages and price spikes.

Ransomware 247

Ransomware Encryption IT Access 247

Security Affairs

OCTOBER 12, 2023

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide.

Ransomware 132

Ransomware Personal data Access Cybersecurity 132

Security Affairs

NOVEMBER 12, 2023

The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. The group claims to theft of more than 400GB of data, including internal files, patient medical images, and also employee email communications. Ransom demands have been quite high, between $500.000 and $700.000.

Ransomware 123

Ransomware Encryption Communications IT 123

Security Affairs

APRIL 10, 2024

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin.

Data breaches 112

Data breaches e-Discovery Ransomware Insurance 112

Data Breach Today

NOVEMBER 25, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Ransomware 130

Ransomware Encryption Risk Security 130

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer. .”

Ransomware 115

Ransomware Insurance Cybersecurity Encryption 115

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware 212

Ransomware Data breaches Encryption Systems administration 212

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 111

Ransomware Encryption Access Security 111

Data Breach Today

SEPTEMBER 26, 2023

Experts Emphasize Proactive Security Measures and Resilience to Mitigate Threats Information Security Media Group recently concluded its Cybersecurity Summit: London, which brought together industry leaders for a day of informative sessions covering a diverse range of critical cybersecurity topics, including CISOs' vulnerability to liability, ransomware (..)

Cybersecurity 271

Cybersecurity Ransomware Information Security Security 271

Data Breach Today

NOVEMBER 24, 2022

The latest edition of the ISMG Security Report discusses how the profits of ransomware group, Zepplin, have been smashed by security researchers, the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.

Ransomware 130

Ransomware Risk Security 130

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif.,

Ransomware 210

Ransomware Mining Blockchain Sales 210

Data Breach Today

AUGUST 22, 2023

The Attack Accesses an Exposed API on a Component of the Veeam Application The Cuba ransomware group is exploiting a bug in data backup software exposed in March, warn BlackBerry security researchers.

Ransomware 243

Ransomware Access Security IT 243

Krebs on Security

SEPTEMBER 18, 2023

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. com/jcube-group/clients/apex/8base-v2.

Ransomware 235

Ransomware Communications Encryption IT 235

KnowBe4

MARCH 21, 2024

The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion.

Ransomware 112

Ransomware IT Phishing Security 112

Data Breach Today

OCTOBER 24, 2022

Information Commissioner levied a nearly $5 million fine against Interserve Group Limited for its lack of security protections in the run-up to a 2020 ransomware attack. Interserve Ran Obsolete Servers and Didn't Verify Malware Deletion The U.K.

Ransomware 242

Ransomware Security IT 242

Security Affairs

NOVEMBER 14, 2023

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Over the last year, ransomware attackers have targeted energy installations in North America, Asia, and the European Union. Resecurity, Inc.

Ransomware 108

Ransomware Government Security Access 108

Data Breach Today

JULY 27, 2023

Ransomware-Building Group Lost Royal-Organized Competition, Researchers Say Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost.

Ransomware 230

Ransomware Security IT 230

Data Breach Today

AUGUST 23, 2023

Seeking Every Advantage, Most Ransomware Groups Attack Outside of Business Hours Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, say security researchers at Sophos.

Ransomware 222

Ransomware Encryption Security 222

Security Affairs

NOVEMBER 10, 2023

Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. The IT giant linked the attacks to the Clop ransomware gang (aka Lace Tempest ). The malware enabled human-operated activity, including lateral movement, data theft, and ransomware deployment.

Ransomware 102

Ransomware Archiving Access Cybersecurity 102

Security Affairs

SEPTEMBER 26, 2023

This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack took place on September 18 and the government experts immediately started the incident response procedures to block the threat.

Ransomware 106

Ransomware Government Cybersecurity IT 106

Security Affairs

NOVEMBER 28, 2023

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core members of a ransomware group. ” concludes the press release.

Ransomware 98

Ransomware Phishing Access Information Security 98