Krebs on Security

APRIL 13, 2022

Of particular concern this month is CVE-2022-24521 , which is a “privilege escalation” vulnerability in the Windows common log file system driver. Among the scariest critical bugs is CVE-2022-26809, a potentially “wormable” weakness in a core Windows component ( RPC ) that earned a CVSS score of 9.8 (10

DNS 321

DNS Internet Internet Firewall 321

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site.

Technology 115

Technology Ransomware Engineering Manufacturing 115

Security Affairs

MARCH 10, 2025

Microsoft researchers reported that North Korea-linked APT tracked as Moonstone Sleet has employed the Qilin ransomware in limited attacks. Microsoft observed a North Korea-linked APT group, tracked as Moonstone Sleet, deploying Qilin ransomware in limited attacks since February 2025. ” Microsoft wrote on X. .

Ransomware 117

Ransomware VPN Healthcare Malware 117

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare 339

Healthcare Ransomware Cybersecurity Malware 339

Security Affairs

DECEMBER 22, 2024

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024.

Ransomware 118

Ransomware Small Business Antivirus Malware 118

Tech Republic Security

OCTOBER 7, 2022

The post 2022 State of the Threat: Ransomware is still hitting companies hard appeared first on TechRepublic. SecureWorks found that business email compromise still generates huge revenues for cybercriminals, while cyberespionage activities tend not to change so much.

Ransomware 216

Ransomware Malware Cybersecurity 216

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. prosecutors say Mikhail Pavolovich Matveev , a.k.a. Meanwhile, the U.S. “Mother Russia will help you,” Wazawaka concluded.

Ransomware 313

Ransomware Cybercrime VPN Healthcare 313

Tech Republic Security

MARCH 20, 2023

A look at 4th quarter 2022, data suggests that new threat surfaces notwithstanding, low-code cybersecurity business email compromises including phishing, as well as MFA bombing are still the prevalent exploits favored by threat actors. The post BECs double in 2022, overtaking ransomware appeared first on TechRepublic.

Ransomware 180

Ransomware Phishing Cybersecurity 180

Joseph Steinberg

JUNE 9, 2022

The Tenafly, New Jersey, Public School District has canceled final exams for its high school students after a ransomware cyberattack crippled the district’s computer infrastructure. The ransomware attack on Tenafly’s school system is a reminder of a sad, ironic, reality.

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Krebs on Security

JULY 12, 2022

The company said it would roll out the changes in stages between April and June 2022. As Ars Technica veteran reporter Dan Goodin put it , “security professionals—some who have spent the past two decades watching clients and employees get infected with ransomware, wipers, and espionage with frustrating regularity—cheered the change.”

Internet 272

Internet Internet Cyber threats Software 272

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 354

Ransomware Encryption Backups Manufacturing 354

Krebs on Security

MARCH 9, 2022

Those include remote code execution bugs CVE-2022-24512 , affecting.NET and Visual Studio , and CVE-2022-21990 , affecting Remote Desktop Client. CVE-2022-24459 is a vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated “ Important ” by Microsoft.

Authentication 45

Authentication Ransomware Cyber threats Software 45

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. The Treasury Department sanctioned the ransomware actor.

Ransomware 117

Ransomware Healthcare Hacking Malware 117

Krebs on Security

DECEMBER 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The bug already seeing exploitation is CVE-2022-44698 , which allows attackers to bypass the Windows SmartScreen security feature.

Social Engineering 237

Social Engineering Ransomware Software Engineering 237

Lohrman on Security

DECEMBER 18, 2022

This past year will be remembered as another year of ransomware attacks, data breaches impacting critical infrastructure and, most of all, global cybersecurity impacts from the Russian war with Ukraine.

Data breaches 337

Data breaches Ransomware Cybersecurity 337

Tech Republic Security

OCTOBER 27, 2022

SonicWall’s mid-year report update has been released with new information on malware, ransomware, cryptojacking and more. The post 2022 cyber threat report details growing trends appeared first on TechRepublic.

Threat Reports 206

Threat Reports Cyber threats Ransomware Malware 206

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 329

Ransomware Accountability Cybercrime Malware 329

The Last Watchdog

DECEMBER 16, 2021

In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. These transformations for ransomware groups will become the source of new attacks. Related: The targeting of supply chains.

CISO 262

CISO Ransomware Risk Authentication 262

Krebs on Security

FEBRUARY 8, 2022

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. ” Kevin Breen at Immersive Labs called attention to CVE-2022-21996 , an elevation of privilege vulnerability in the core Windows component “ Win32k.”

Authentication 230

Authentication Internet Internet System Administration 230

Krebs on Security

NOVEMBER 14, 2024

In February, he and Ermakov were arrested on charges of operating a short-lived ransomware affiliate program in 2021 called Sugar (a.k.a. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits. Sugar Locker), which targeted single computers and end-users instead of corporations.

Retail 255

Retail Advertising Cryptocurrency Marketing 255

Krebs on Security

SEPTEMBER 18, 2023

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The 8Base ransomware group’s victim shaming website on the darknet.

Ransomware 303

Ransomware Accountability Encryption Internet 303

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises , Inc. is a publicly traded American media company.

Ransomware 76

Ransomware Cybercrime Encryption Healthcare 76

Tech Republic Security

JANUARY 10, 2023

Only 25% of the organizations surveyed by Delinea were hit by ransomware attacks in 2022, but fewer companies are taking proactive steps to prevent such attacks. The post Ransomware attacks are decreasing, but companies remain vulnerable appeared first on TechRepublic.

Ransomware 204

Ransomware 204

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. Editors note: This report was authored by Gautham Ashok & Alexa Feminella.

VPN 133

VPN Authentication Ransomware Risk 133

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “There will be panic. 428 hospitals.”

Ransomware 304

Ransomware Healthcare Cybercrime Government 304

Krebs on Security

MAY 31, 2022

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti.

Ransomware 317

Ransomware Government Hacking Media 317

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The gang claims to have breached the corporate network on October 3rd, 2022.

Technology 106

Technology Ransomware Engineering Manufacturing 106

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable. “I think it will help us with smart contracts.”

Ransomware 269

Ransomware Cryptocurrency DDOS Scams 269

eSecurity Planet

FEBRUARY 24, 2025

Over 200,000 internal messages from the notorious ransomware group Black Basta have surfaced online exposing deep divisions, ransom negotiations, and internal dysfunction. Cybersecurity experts are now poring over the data, uncovering a rare inside look at how one of the most feared ransomware groups operates and potentially unravels.

Ransomware 69

Ransomware Phishing Healthcare Cryptocurrency 69

SecureWorld News

JANUARY 8, 2025

Here's what happened: In August 2024, Stoli got hit with ransomware. But the ransomware attack wasn't their only problem. Then ransomware hit. Here are three examples or organizations that all closed after ransomware struck: Lincoln College (Illinois): This private college ceased operations in May 2022.

Ransomware 110

Ransomware Manufacturing Government Accountability 110

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 70

Ransomware Encryption Backups Malware 70

Schneier on Security

MAY 17, 2024

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. ” “Previously, a separate version of BreachForums (hosted at breached.vc/.to/.co

Hacking 318

Hacking Accountability Ransomware Internet 318

The Last Watchdog

JUNE 20, 2022

I had the chance at RSA Conference 2022 to visit with John Shier, senior security advisor at Sophos, a security software and hardware company. Or the payload might be a data exfiltration routine — or a full-blown ransomware attack. Speaking of ransomware, cyber extortion continues to persist at a plague level.

Ransomware 235

Ransomware Digital transformation Marketing Software 235

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 63

Ransomware Cryptocurrency Small Business Malware 63

Lohrman on Security

OCTOBER 30, 2022

Cyber summits were held this past week in Michigan and Kansas, and hot topics ranged from workforce development to ransomware to growing global cyber threats. Here’s a rundown.

Cyber threats 220

Cyber threats Ransomware 220

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft 251

Identity Theft Phishing Cryptocurrency Accountability 251

The Last Watchdog

JANUARY 20, 2022

Looking back, 2021 was a breakout year for ransomware around the globe, with ransoms spiking to unprecedented multi-million dollar amounts. Related: Colonial Pipeline attack ups ransomware ante. EDR systems are supposed to protect IT system endpoints against these very malware, ransomware, and other types of malicious code.

Ransomware 234

Ransomware Malware Data breaches Technology 234