Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. And BEARHOST has been cultivating its reputation since at least 2019.

Malware 234

Malware Antivirus Software DDOS 234

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. All they need is one successful attempt to gain initial access."

Ransomware 108

Ransomware IoT Encryption Social Engineering 108

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 352

Ransomware Encryption Backups Manufacturing 352

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

Ransomware 103

Ransomware Hacking Social Engineering VPN 103

Tech Republic Security

MARCH 17, 2022

CISA adds 15 known exploited vulnerabilities to its catalog and BlackBerry researchers warn of a new ransomware-as-a-service family. The post Cybersecurity news: LokiLocker ransomware, Instagram phishing attack and new warnings from CISA appeared first on TechRepublic.

Phishing 210

Phishing Ransomware Cybersecurity 210

The Last Watchdog

OCTOBER 10, 2024

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data.

Risk 286

Risk Cybercrime Identity Theft Phishing 286

Krebs on Security

JUNE 9, 2020

that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. The average ransomware payment by ransomware strain.

Ransomware 362

Ransomware System Administration Backups Technology 362

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 320

Healthcare Ransomware Antivirus Hacking 320

Malwarebytes

JANUARY 10, 2025

The RansomHub ransomware group claims to have exfiltrated an enormous 1.5 Here, the ransomware group lays blame on the company itself. This isn’t rare for a ransomware group, as the tactics and vernacular are often based around shame, guilt, and a pre-teen-like arrogance. 2FA that relies on a FIDO2 device cant be phished.

Ransomware 95

Ransomware Data breaches Passwords Phishing 95

eSecurity Planet

NOVEMBER 6, 2024

Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data. Cybersecurity awareness training helps staff recognize phishing scams , social engineering attempts, and other threats.

Ransomware 115

Ransomware Authentication Identity Theft Penetration Testing 115

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware 75

Ransomware Backups Firmware Insurance 75

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. ” Electrica Group advised customers to stay vigilant against potential phishing attempts and suspicious communications claiming to be from Electrica. “Initial investigations show that it was a ransomware attack.

Ransomware 118

Ransomware Cyber Attacks Cybercrime Marketing 118

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. ” states the report published by the NJCCIC. 177 and 185[.]215[.]113[.]66.

Phishing 132

Phishing Ransomware Security Awareness Authentication 132

Joseph Steinberg

NOVEMBER 15, 2021

There has likely not been a single hour during the last decade, for example, during which criminals did not carry out successful phishing-based attacks by exploiting the inherent lack of security within standard and ubiquitous email technology. And such issues are just the tip of the iceberg when it comes to email security.

Phishing 246

Phishing Artificial Intelligence Technology Scams 246

eSecurity Planet

FEBRUARY 24, 2025

Over 200,000 internal messages from the notorious ransomware group Black Basta have surfaced online exposing deep divisions, ransom negotiations, and internal dysfunction. Cybersecurity experts are now poring over the data, uncovering a rare inside look at how one of the most feared ransomware groups operates and potentially unravels.

Ransomware 68

Ransomware Phishing Healthcare Cryptocurrency 68

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

SecureWorld News

OCTOBER 31, 2024

From zombie botnets to phishing phantoms, these threats might sound like campfire tales, but they're some of the most sinister forces in cybersecurity today. Phishing phantoms: masters of disguise Phishing scams have become more sophisticated. Like a phantom in disguise, a phishing attack can appear harmless—until it's too late.

IoT 117

IoT Phishing DDOS Backups 117

Digital Shadows

JANUARY 22, 2025

Phishing Remains Top Tactic, Fueled by Teams Abuse Figure 1: Top attack techniques in true-positive customer incidents for finance & insurance sector, H2 2024 vs H2 2023 Phishing dominated cyber attacks in H2 2024, accounting for over 90% of incidents across industries due to its simplicity and effectiveness.

Insurance 64

Insurance Phishing Social Engineering Engineering 64

Malwarebytes

MARCH 17, 2025

The FBI warned specifically about that malware leading to ransomware attacks, but we’ve also seen similar sites that install browser hijackers, adware, and potentially unwanted programs (PUPs). com (phishing) convertitoremp3[.]it com (Phishing) convertix-api[.]xyz Imageconvertors[.]com it (Riskware) convertisseurs-pdf[.]com

Malware 139

Malware Adware Education Phishing 139

Malwarebytes

JANUARY 27, 2025

In May, UnitedHealth CEO Andrew Witty estimated that the ransomware attack compromised the data of a third of US individuals when he testified before the Senate Finance Committee on Capitol Hill. The ALPHV/BlackCat ransomware group claimed the initial attack. 2FA that relies on a FIDO2 device cant be phished. Take your time.

Data breaches 125

Data breaches Healthcare Passwords Insurance 125

Tech Republic Security

MARCH 20, 2023

A look at 4th quarter 2022, data suggests that new threat surfaces notwithstanding, low-code cybersecurity business email compromises including phishing, as well as MFA bombing are still the prevalent exploits favored by threat actors. The post BECs double in 2022, overtaking ransomware appeared first on TechRepublic.

Ransomware 177

Ransomware Phishing Cybersecurity 177

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 70

Ransomware Encryption Cryptocurrency Insurance 70

The Last Watchdog

NOVEMBER 29, 2022

A new development in phishing is the “nag attack.” This is how keyloggers and backdoors get implanted deep inside company networks, as well as how ransomware seeps in. Nag attacks add to the litany of phishing techniques. Over the years, endless phishing variants have emerged, including: •Bulk phishing.

Phishing 214

Phishing Social Engineering Scams Software 214

Daniel Miessler

SEPTEMBER 29, 2020

Ransomware is the Cyber Pearl Harbor we’ve been waiting for all along. Ransomware is the new PCI. Some stats: At the time of this writing, Google News returns 7,460,000 results for the term Ransomware. According to Datto, Ransomware attacks are costing businesses more than $75 billion a year. It’s annoying 2.

Ransomware 246

Ransomware Government Social Engineering Small Business 246

The Hacker News

MARCH 6, 2025

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.

Phishing 108

Phishing Ransomware 108

Schneier on Security

FEBRUARY 11, 2022

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event.

Antivirus 354

Antivirus Hacking Ransomware CISO 354

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The victim shaming website for the Snatch ransomware gang. 226 , currently assigned to Matrix Telekom in Russia.

Ransomware 306

Ransomware Internet Internet Phishing 306

Security Boulevard

NOVEMBER 11, 2024

Guest speakers Sal Franco, IT Director at Buckeye Elementary, and Fran Watkins, Technology Manager at Centennial School District, shared first-hand stories of ransomware and data loss incidents that tested.

Phishing 64

Phishing Ransomware Technology Cybersecurity 64

The Last Watchdog

MAY 5, 2022

Ransomware? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware 247

Ransomware Risk Internet Internet 247

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Korean and Chinese authorities dismantled a voice phishing syndicate that caused $1.1B in losses to 1,900+ victims. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 127

Cryptocurrency Phishing Scams Cybercrime 127

Security Affairs

OCTOBER 20, 2024

Expanding the Investigation: Deep Dive into Latest TrickMo Samples HijackLoader evolution: abusing genuine signing certificates FASTCash for Linux Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware Technical Analysis of DarkVision RAT Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service (..)

Malware 124

Malware Ransomware Encryption Phishing 124

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. Watch out for fake vendors. Take your time.

Data breaches 112

Data breaches Passwords Ransomware Phishing 112

The Last Watchdog

OCTOBER 23, 2024

Cybersecurity training for small businesses is critical, and SMBs should invest in training programs to help employees recognize threats such as phishing attacks, ransomware, and other malicious activities. Regular backups ensure that businesses can recover quickly from ransomware attacks or other data loss incidents.

Small Business 162

Small Business Data breaches Backups Passwords 162

Security Boulevard

NOVEMBER 6, 2024

Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns.

Cybercrime 72

Cybercrime Phishing Ransomware Cybersecurity 72

Tech Republic Security

FEBRUARY 16, 2023

Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware. The post Cryptocurrency users in the US hit by ransomware and Clipper malware appeared first on TechRepublic.

Cryptocurrency 216

Cryptocurrency Malware Ransomware Phishing 216

eSecurity Planet

OCTOBER 22, 2024

One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users. ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications. What Are ClickFix Campaigns?

Scams 124

Scams Malware Phishing Social Engineering 124