Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications.

Ransomware 121

Ransomware Manufacturing Malware Hacking 121

Security Affairs

DECEMBER 4, 2024

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack.

Ransomware 123

Ransomware Telecommunications Healthcare Insurance 123

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 103

Malware Cybersecurity Cyber threats Threat Detection 103

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. ” reported RIA Novosti.

Ransomware 116

Ransomware Healthcare Hacking Malware 116

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware 117

Ransomware Software Cybercrime Encryption 117

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 122

Ransomware Hacking Accountability Cyber Attacks 122

Security Affairs

DECEMBER 26, 2024

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.

Ransomware 119

Ransomware Cyber Attacks Hacking Cybersecurity 119

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company confirmed that the security breach impacted some of its IT systems.

Technology 115

Technology Ransomware Engineering Manufacturing 115

Security Affairs

DECEMBER 3, 2024

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. No ransomware gang has claimed responsibility for the attack. million year-to-date.

Ransomware 117

Ransomware Encryption Technology Cybersecurity 117

Security Affairs

MARCH 1, 2025

Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs inattacks. The IT giant reported that one of these flaws is exploited by ransomware groups inzero-dayattacks. Microsoft reported that ransomware groups exploited CVE-2025-0289 to gain SYSTEM-level access.

Ransomware 115

Ransomware Software Hacking Cybercrime 115

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. “On September 8, 2024, we suffered a ransomware attack on our computer system.

Ransomware 123

Ransomware Insurance Encryption Healthcare 123

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “Sorry, but this is f *d up. 428 hospitals.”

Ransomware 304

Ransomware Healthcare Cybercrime Government 304

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Ransomware attacks on U.S. terabytes of data.

Ransomware 123

Ransomware Healthcare Antivirus Data breaches 123

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency. No ransomware group has claimed responsibility for this attack.

Ransomware 115

Ransomware Government Internet Internet 115

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

Ransomware 101

Ransomware Hacking Social Engineering VPN 101

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware 85

Ransomware Malware Hacking Cybercrime 85

Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. Halcyon researchers pointed out that this ransomware campaign does not exploit any AWS vulnerability.

Encryption 115

Encryption Ransomware Authentication Accountability 115

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 63

Malware Threat Detection Cryptocurrency Ransomware 63

Security Affairs

FEBRUARY 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 71

Malware Spyware Ransomware Hacking 71

Security Affairs

MARCH 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware DDOS Hacking Ransomware 65

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware 106

Ransomware Healthcare Government Cryptocurrency 106

Security Affairs

FEBRUARY 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 70

Malware Scams Banking Ransomware 70

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 135

Malware Ransomware Banking Healthcare 135

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 61

Malware Architecture IoT Ransomware 61

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 29, 2024, the City published an update on the City’s website and confirmed that the City of Columbus suffered a ransomware attack. The gang claimed they had stolen databases containing 6.5

Ransomware 113

Ransomware Identity Theft Data breaches Cyber threats 113

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 69

Ransomware Encryption Backups Malware 69

Security Affairs

JANUARY 27, 2025

Threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection. Researchers at cybersecurity firm Sygnia warn that threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection.

Ransomware 98

Ransomware Authentication Hacking Cybersecurity 98

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. The company assured investors that the attack hadn’t affected its critical systems, but temporary disruptions in customer services might occur due to enhanced security protocols.

Ransomware 116

Ransomware Cyber Attacks Cybercrime Marketing 116

Security Affairs

MARCH 17, 2025

A researcher released a free decryptor for Linux Akira ransomware, using GPU power to recover keys through brute force. Security researcher Yohanes Nugroho created a free decryptor for Linux Akira ransomware , using GPUs to brute force the decryption keys. The malware encrypts files using KCipher2 and Chacha8.

Ransomware 66

Ransomware Encryption Malware Hacking 66

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

Security Affairs

JANUARY 26, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 61

Malware Artificial Intelligence Ransomware Hacking 61

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software 116

Software Cryptocurrency Malware Encryption 116

Krebs on Security

OCTOBER 9, 2020

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. “They are running normally and their ransomware operations are pretty much back in full swing,” Holden said.

Ransomware 360

Ransomware Internet Internet Passwords 360

Security Affairs

FEBRUARY 16, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware Data breaches Mobile Encryption 65

Security Affairs

JANUARY 5, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware Spyware Ransomware Hacking 65

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 63

Ransomware Cryptocurrency Small Business Malware 63