Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare 337

Healthcare Ransomware Cybersecurity Malware 337

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site.

Technology 115

Technology Ransomware Engineering Manufacturing 115

Krebs on Security

JUNE 16, 2021

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims. The CLOP gang seized on those flaws to deploy ransomware to a significant number of Accellion’s FTA customers , including U.S.

Ransomware 357

Ransomware Cybercrime Malware Encryption 357

Krebs on Security

AUGUST 19, 2021

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Abnormal Security documented how it tied the email back to a young man in Nigeria who acknowledged he was trying to save up money to help fund a new social network he is building called Sociogram. .”

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware 117

Ransomware Software Cybercrime Encryption 117

Krebs on Security

SEPTEMBER 23, 2020

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Plano, Texas-based Tyler Technologies [ NYSE:TYL ] has some 5,300 employees and brought in revenues of more than $1 billion in 2019.

Technology 357

Technology Ransomware Software Government 357

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian news agency RIA Novosti, citing an anonymous source, confirmed that the arrested man is the “programmer” as Mikhail Matveev, as reported in court documents.

Ransomware 117

Ransomware Healthcare Hacking Malware 117

Digital Shadows

NOVEMBER 12, 2024

Ransomware Activity Targeting the Construction Sector Ransomware remains the biggest threat to the sector, as demonstrated by the 41% rise in organizations appearing on data-leak sites over the past year.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Tech Republic Security

MARCH 19, 2025

FBI warns computer users to keep an eye out for malware, including ransomware, distributed through working document converters.

Malware 150

Malware Scams Ransomware Identity Theft 150

Tech Republic Security

SEPTEMBER 9, 2021

Cyberattacks have surged during the coronavirus pandemic as criminals rake in bountiful ransomware payouts. Malicious office docs have been on the rise for months, per a new report.

Ransomware 218

Ransomware 218

Tech Republic Security

FEBRUARY 1, 2023

A new phishing campaign abuses OneNote documents to infect computers with the infamous AsyncRAT malware, targeting users in the U.K., The post OneNote documents spread malware in several countries appeared first on TechRepublic. Canada and the U.S.

Malware 164

Malware Phishing Ransomware 164

Penetration Testing

JANUARY 25, 2024

Recently, FortiGuard Labs uncovered the FAUST ransomware, a variant of the notorious Phobos family.

Penetration Testing 116

Penetration Testing Ransomware Encryption Software 116

Krebs on Security

AUGUST 29, 2019

PerCSoft , a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. The ransomware attack hit PerCSoft on the morning of Monday, Aug. West Allis, Wis.-based

Backups 255

Backups Ransomware Insurance Encryption 255

Krebs on Security

DECEMBER 16, 2019

As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. The message displayed at the top of the Maze Ransomware public shaming site. Follow the news!”

Ransomware 245

Ransomware Data breaches Healthcare Cybercrime 245

Krebs on Security

NOVEMBER 14, 2024

In February, he and Ermakov were arrested on charges of operating a short-lived ransomware affiliate program in 2021 called Sugar (a.k.a. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits. Sugar Locker), which targeted single computers and end-users instead of corporations.

Retail 253

Retail Advertising Cryptocurrency Cybercrime 253

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. Reached by phone today, Jansson said he quit the company in August, right around the time Gunnebo disclosed the thwarted ransomware attack.

Hacking 356

Hacking Ransomware Banking Accountability 356

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises , Inc. is a publicly traded American media company.

Ransomware 76

Ransomware Cybercrime Encryption Healthcare 76

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 70

Ransomware Encryption Backups Malware 70

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Security Affairs

FEBRUARY 12, 2025

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025.

Computers and Electronics 76

Computers and Electronics Ransomware Manufacturing Data breaches 76

Security Affairs

APRIL 7, 2025

With the help of these documents, even inexperienced operators with limited hacking skills can quickly acquire the necessary expertise to successfully forward counterfeit EDRs.

Cybercrime 138

Cybercrime Social Engineering Accountability Government 138

Schneier on Security

DECEMBER 6, 2022

Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The malware focuses on databases, archives, and user documents. The malware focuses on databases, archives, and user documents. Nothing leading to an attribution. News article. Slashdot thread.

Ransomware 289

Ransomware Government Malware 289

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology 106

Technology Ransomware Engineering Manufacturing 106

Security Affairs

DECEMBER 30, 2023

The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. Xerox Corp provides document management solutions worldwide. The INC RANSOM ransomware group claims responsibility for hacking the American multinational corporation Xerox Corp and threatens to disclose the alleged stolen data.

Ransomware 143

Ransomware InfoSec Data breaches Hacking 143

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital revealed thatthe ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.

Data breaches 115

Data breaches Insurance Healthcare Ransomware 115

Schneier on Security

JANUARY 28, 2021

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware.

Malware 256

Malware Phishing Ransomware Cybercrime 256

Graham Cluley

JULY 29, 2024

Hackers have released internal documents stolen from one of America's largest IT services providers, which counts various US government agencies, including the Department of Defense, amongst its customers. Read more in my article on the Hot for Security blog.

Hacking 105

Hacking Government Data breaches Ransomware 105

Krebs on Security

MAY 22, 2019

Our {legal team | legal council | legal departement} has prepared a document explaining the {litigation | legal dispute | legal contset}. Please download and read the attached encrypted document carefully. Note: The password for the document is 123456. Yes, the spelling/grammar is poor and awkward (e.g.,

Phishing 279

Phishing Antivirus Scams Malware 279

Security Affairs

JULY 15, 2024

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The initial access to the target network was via Secure Shell (SSH) protocol and attackers exfiltrated critical data before deploying Akira ransomware the following day.

Backups 139

Backups Ransomware Antivirus DNS 139

Security Affairs

JULY 11, 2024

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments.

Ransomware 127

Ransomware Identity Theft Data breaches Insurance 127

Security Affairs

NOVEMBER 19, 2023

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. The ransomware component is then decrypted and loaded into the SmokeLoader process’ memory.

Ransomware 140

Ransomware Encryption Backups Malware 140

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. ” In an October 2013 discussion on the cybercrime forum Exploit , NeroWolfe weighed in on the karmic ramifications of ransomware. Last week, the United States joined the U.K.

Ransomware 294

Ransomware Cybercrime Accountability Malware 294

Krebs on Security

AUGUST 5, 2024

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. ThreatLabz found Dark Angels has conducted some of the largest ransomware attacks to date, and yet little is known about the group.

Ransomware 262

Ransomware Insurance Healthcare Education 262

Krebs on Security

DECEMBER 8, 2022

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. “ Cl0p ” a.k.a.

Healthcare 320

Healthcare Backups Ransomware Insurance 320

Security Affairs

FEBRUARY 10, 2024

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. ” concludes the report.

Ransomware 138

Ransomware Architecture Malware Passwords 138

Security Affairs

SEPTEMBER 2, 2024

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The Cicada3301 ransomware is written in Rust and targets both Windows and Linux/ESXi hosts.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

SecureList

DECEMBER 21, 2023

In April 2023, we published a blog post about a zero-day exploit we discovered in ransomware attacks that was patched as CVE-2023-28252 after we promptly reported it to Microsoft. The next five parts will cover the actual root causes and exploitation of five vulnerabilities that were used in ransomware attacks throughout the year.

Ransomware 144

Ransomware Engineering Advertising Technology 144