Lohrman on Security

DECEMBER 19, 2021

2021 will be remembered as the most disruptive year so far when it came to cyber attacks, with ransomware impacting businesses and governments — including critical infrastructure — as never before.

Ransomware 346

Ransomware Cyber Attacks Government 346

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency.

Ransomware 115

Ransomware Government Internet Internet 115

Krebs on Security

SEPTEMBER 23, 2020

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Plano, Texas-based Tyler Technologies [ NYSE:TYL ] has some 5,300 employees and brought in revenues of more than $1 billion in 2019.

Technology 358

Technology Ransomware Software Government 358

Lohrman on Security

JULY 21, 2024

Several recently released cyber industry reports show steady or growing ransomware numbers in 2024 so far, and impacts on business and government have never been greater.

Ransomware 291

Ransomware Government 291

Security Affairs

DECEMBER 22, 2024

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024.

Ransomware 118

Ransomware Small Business Antivirus Malware 118

Krebs on Security

OCTOBER 1, 2020

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. Image: Shutterstock.

Ransomware 363

Ransomware Cyber Insurance Insurance Cybercrime 363

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. All they need is one successful attempt to gain initial access."

Ransomware 109

Ransomware IoT Encryption Social Engineering 109

Schneier on Security

SEPTEMBER 4, 2024

A city is the victim of a ransomware attack. This story seems straightforward. They repeatedly lie to the media about the severity of the breach. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher.

Government 296

Government Media Ransomware 296

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Security Affairs

DECEMBER 3, 2024

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. No ransomware gang has claimed responsibility for the attack. million year-to-date.

Ransomware 117

Ransomware Encryption Technology Cybersecurity 117

Krebs on Security

FEBRUARY 28, 2025

.” Intrinsec found Prospero has courted some of Russia’s nastiest cybercrime groups, hosting control servers for multiple ransomware gangs over the past two years. A second story claimed that Israeli spies caught Russian government hackers using Kaspersky software to search customer systems for files containing U.S.

Malware 240

Malware Antivirus Software DDOS 240

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com.

Healthcare 295

Healthcare Insurance Computers and Electronics Data breaches 295

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. BlackCat is known as a “ransomware-as-service” collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. There are indications that U.S.

Healthcare 355

Healthcare Ransomware Scams Government 355

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 325

Healthcare Ransomware Antivirus Hacking 325

Krebs on Security

MAY 31, 2022

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti.

Ransomware 315

Ransomware Government Hacking Media 315

eSecurity Planet

NOVEMBER 6, 2024

Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data. This attack underscores a critical lesson for businesses: even the most vital institutions, such as a city government, are vulnerable to cyberthreats.

Ransomware 116

Ransomware Authentication Identity Theft Penetration Testing 116

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. Previous reporting here revealed that Matveev’s alter egos included “ Orange, ” the founder of the RAMP ransomware forum.

Ransomware 312

Ransomware Cybercrime VPN Healthcare 312

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware 261

Ransomware Cryptocurrency Marketing Government 261

Krebs on Security

NOVEMBER 2, 2021

A number of publications in September warned about the emergence of “ Groove ,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. 22 post from Groove calling for attacks on the United States government sector. ” reads the Oct.

Ransomware 315

Ransomware Cybercrime VPN Media 315

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. and foreign government organizations. in restitution.”

Ransomware 106

Ransomware Healthcare Government Cryptocurrency 106

SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data.

Healthcare 115

Healthcare Ransomware Identity Theft Data breaches 115

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 328

Ransomware Accountability Cybercrime Malware 328

Digital Shadows

NOVEMBER 12, 2024

Ransomware Activity Targeting the Construction Sector Ransomware remains the biggest threat to the sector, as demonstrated by the 41% rise in organizations appearing on data-leak sites over the past year.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “There will be panic. 428 hospitals.”

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Security Affairs

MARCH 26, 2025

Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site (DLS) of BlackLock Ransomware. BlackLock Ransomware was named as one of the fastest-growing ransomware strains for today.

Ransomware 75

Ransomware Cybersecurity Healthcare Accountability 75

Security Affairs

DECEMBER 9, 2024

Deloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft of over 1 terabyte of the company’s data. Recently, the ransomware group Brain Cipher added Deloitte UK to its Tor leak site. The Brain Cipher ransomware group has been active since at least April 2024.On

Hacking 121

Hacking Ransomware Accountability Architecture 121

Security Boulevard

DECEMBER 16, 2024

Hackers likely stole personal information such names, addresses, and SSNs in a ransomware attack on Rhode Island's human services systems and are threatening to release the data as state and federal officials and Deloitte scrambling to mitigate the data breach.

Ransomware 110

Ransomware Data breaches Social Engineering Data privacy 110

Security Boulevard

DECEMBER 6, 2024

The post Stoli Vodka: Bankrupt After Ransomware Attack appeared first on Security Boulevard. Absolutely un-fabulous: Smells like Russia is responsible, but reality is a bit more complicated.

Ransomware 115

Ransomware Cyber Attacks Security Awareness Risk 115

Security Boulevard

OCTOBER 21, 2024

It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries. A top US national cybersecurity advisor stated in a recent op-ed , “This is a troubling practice that must end.” The government is looking at ways to disrupt ransomware attacks.

Ransomware 75

Ransomware Insurance Cyber Insurance Government 75

Security Affairs

MARCH 7, 2025

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.

Ransomware 61

Ransomware Antivirus Healthcare Encryption 61

Krebs on Security

OCTOBER 28, 2020

26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. On Monday, Oct. hospitals and healthcare providers.”

Ransomware 279

Ransomware Healthcare Computers and Electronics Cybercrime 279

Lohrman on Security

SEPTEMBER 3, 2023

Reports from cybersecurity companies in 2023 show mixed trends regarding the number of global data breaches, ransomware attacks, records affected and government costs. But one thing is clear: Cyber attack impacts steadily grow.

Data breaches 222

Data breaches Ransomware Cyber Attacks Government 222

Tech Republic Security

JULY 18, 2022

Microsoft says a ransomware gang calling itself H0lyGh0st may be sponsored by the North Korean government as a way for the country to offset its struggling economy. The post Why North Korean cybercriminals are targeting businesses with ransomware appeared first on TechRepublic.

Ransomware 206

Ransomware Government 206

Schneier on Security

MAY 26, 2021

In a post published Tuesday , SentinelOne researchers said they assessed with high confidence that based on the code and the servers Apostle reported to, the malware was being used by a newly discovered group with ties to the Iranian government.

Malware 352

Malware Ransomware Government 352

Schneier on Security

SEPTEMBER 22, 2021

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn’t pass it along to victims because it would have disrupted an ongoing operation. Also, a government assessment found the harm was not as severe as initially feared. Fighting ransomware is filled with security trade-offs.

Ransomware 357

Ransomware Government Hacking 357

Lohrman on Security

AUGUST 8, 2021

Ransomware crippling governments and businesses. Exponential increases in global cyber crime. Nations ignoring cyber criminals operating on their soil. The time for international cooperation on cybersecurity is now.

Government 322

Government Ransomware Cybersecurity 322

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. and Swiss governments sought the suspects, and Switzerland has requested their extradition.

Ransomware 69

Ransomware Encryption Backups Malware 69