Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May 2023 via a MOVEit 0day exploit.
The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. Realizing EDR was active, they pivoted by scanning the network for vulnerable devices.
Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.
BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. reads the CSA.
Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Knight, also known as Cyclops 2.0,
Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data.
Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Matveyev faces charges under Russian law for creating programs designed to destroy, block, modify, or copy data, or bypass computer security measures. ” reported RIA Novosti.
A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.
Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company confirmed that the security breach impacted some of its IT systems.
The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General’s Office. ” reads a report published by Halcyon.
Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.
A Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”
Ransomware keeps making headlines. attempted ransomware attacks which was 20% more than in 2021 (61.7M). Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted.
The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.
The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.
Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago. Ransomware attacks on U.S. In 2023, Loretto Hospital experienced another data security incident. The Loretto Hospital is a not-for-profit, community-focused health care provider.
Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.
Incident response analyst report 2023 As an information security company, our services include incident response and investigation, and malware analysis. Our annual Incident Response Report presents anonymized statistics on the cyberattacks we investigated in 2023. Read the full 2023 Incident Response Report (PDF).
Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3
Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. Akira Ransomware posts Stanford University. 430 gb of internal data.
A researcher released a free decryptor for Linux Akira ransomware, using GPU power to recover keys through brute force. Security researcher Yohanes Nugroho created a free decryptor for Linux Akira ransomware, using GPUs to brute force the decryption keys. High timestamp precision and multi-threading add complexity.
The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published by the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023 (+38%).
The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4
Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-27532 (CVSS score of 7.5) The vulnerability was addressed in March 2023, and shortly after a PoC exploit code for this issue was released publicly.
Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.
Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption.
In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.
The Finnish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finnish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.
What is the impact of ransomware on organizations? Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack. One employee’s mistake can cost a company millions of dollars.
Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023. The trend for personal data leaks grew rapidly in 2022 and will continue into 2023. Changes in the number of ransomware blog posts in 2021–2022, worldwide.
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.
The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year.
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.
Companies that fail to protect their customers’ information are likely to face lawsuits in the year 2023, as impacted customers are no longer willing to tolerate such acts at the expense of their privacy and financial losses. By the way, data spills occurring from state-funded hacks are no longer covered under cyber insurance.
The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. In 2022, Boeing recorded $66.61
The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. Seashell Blizzard (aka Sandworm, BlackEnergy and TeleBots) has been active since 2000; it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.
An INC Ransom ransomware attack this week disrupted IT and phone systems at McLaren Health Care hospitals. On Tuesday, an INC Ransom ransomware attack hit the McLaren Health Care hospitals and disrupted their IT and phone systems. The security breach exposed the sensitive personal information of 2,192,515 people.
Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.
These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.
8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.
Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management. ” reported Bleeping Computer.
Experts warn that threat actors started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server. Over the weekend threat actors started exploiting a recently disclosed vulnerability (CVE-2023-22518) in all versions of Atlassian Confluence Data Center and Confluence Server.