Krebs on Security

MAY 11, 2020

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The 35,000-employee company also produces point-of-sale systems and software used by many retailers. in March. . WEEKEND WARRIORS.

Ransomware 362

Ransomware Retail Malware Data breaches 362

Security Affairs

MARCH 1, 2025

Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs inattacks. The IT giant reported that one of these flaws is exploited by ransomware groups inzero-dayattacks. Microsoft reported that ransomware groups exploited CVE-2025-0289 to gain SYSTEM-level access.

Ransomware 115

Ransomware Software Hacking Cybercrime 115

Security Affairs

DECEMBER 22, 2024

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024.

Ransomware 118

Ransomware Small Business Antivirus Malware 118

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company.

Ransomware 117

Ransomware Software Cybercrime Encryption 117

Malwarebytes

DECEMBER 2, 2024

The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world.

Ransomware 123

Ransomware Backups Small Business Malware 123

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware 110

Ransomware IoT Encryption Social Engineering 110

Krebs on Security

MARCH 2, 2021

PrismHR , a company that sells technology used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack that is disrupting many of its services. “Prism is the only real option on the PEO software market,” he said.

Ransomware 338

Ransomware Small Business Insurance Software 338

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. There are multiple examples of ransomware groups doing just that after security researchers crowed about finding vulnerabilities in their ransomware code. This is not an idle concern.

Ransomware 354

Ransomware Encryption Backups Manufacturing 354

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 327

Healthcare Ransomware Antivirus Hacking 327

Schneier on Security

MARCH 23, 2023

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack : TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward.

Ransomware 278

Ransomware Hacking Software 278

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 340

Ransomware Backups Encryption Internet 340

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare 339

Healthcare Ransomware Cybersecurity Malware 339

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Ransomware attacks on U.S. terabytes of data.

Ransomware 123

Ransomware Healthcare Antivirus Data breaches 123

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 329

Ransomware Accountability Cybercrime Malware 329

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime 231

Cybercrime Ransomware Cryptocurrency Government 231

Security Boulevard

FEBRUARY 14, 2025

A Chinese threat actor who targeted an Asian software company used the same toolset for the ransomware attack that was found in multiple cyberespionage incidents, leaving Symantec analysts to believe the hacker was a Chinese spy who used the malicious tools to earn some money on the side.

Ransomware 101

Ransomware Software Malware Cybersecurity 101

eSecurity Planet

NOVEMBER 6, 2024

Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data. Also, consider regularly patching software and keeping systems updated to close security gaps that attackers could exploit.

Ransomware 116

Ransomware Authentication Identity Theft Penetration Testing 116

Krebs on Security

JUNE 14, 2022

The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Many security experts believe ALPHV/BlackCat is simply a rebrand of another ransomware group — “ Darkside ” a.k.a.

Ransomware 306

Ransomware Internet Internet Cybercrime 306

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware 76

Ransomware Backups Firmware Insurance 76

Digital Shadows

NOVEMBER 12, 2024

Ransomware Activity Targeting the Construction Sector Ransomware remains the biggest threat to the sector, as demonstrated by the 41% rise in organizations appearing on data-leak sites over the past year.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Security Boulevard

MARCH 17, 2025

A software programmer developed a way to use brute force to break the encryption of the notorious Akira ransomware using GPU compute power and enabling some victims of the Linux-focused variant of the malware to regain their encrypted data without having to pay a ransom.

Ransomware 80

Ransomware Encryption Malware Software 80

Security Boulevard

FEBRUARY 14, 2025

Ransomware continues to be a formidable threat in the cybersecurity landscape, evolving in complexity and sophistication. It is a type of malicious software that encrypts a victims files or restricts access to their system, demanding payment for decryption or restoration.

Ransomware 88

Ransomware Encryption Software Cybersecurity 88

The Hacker News

JULY 10, 2024

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5)

Backups 140

Backups Software Ransomware 140

The Last Watchdog

OCTOBER 23, 2024

Cybersecurity training for small businesses is critical, and SMBs should invest in training programs to help employees recognize threats such as phishing attacks, ransomware, and other malicious activities. INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software.

Small Business 162

Small Business Data breaches Backups Passwords 162

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. reads the advisory.

Backups 128

Backups VPN Ransomware Authentication 128

Security Boulevard

DECEMBER 30, 2024

The post Best of 2024: 30,000 Dealerships Down Ransomware Outage Outrage no. Spend more on security! Car and truck dealers fall back on pen and paper as huge SaaS provider gets hacked (again). 2 at CDK Global appeared first on Security Boulevard.

Ransomware 115

Ransomware Hacking Software 115

Security Affairs

JANUARY 16, 2025

The Clop ransomware gang claims dozens of victims from a Cleo file transfer vulnerability, though several companies dispute the breaches. The Clop ransomware group added 59 new companies to its leak site, the gain claims to have breached them by exploiting a vulnerability in Cleo file transfer products. are still exploitable.

Ransomware 69

Ransomware Software Hacking Cybersecurity 69

Security Boulevard

JANUARY 10, 2025

Giant education software provider PowerSchool reported that hackers using compromised credentials access a database and stole student and teacher data in an attack that the company said was not ransomware, though a ransom apparently was paid. Affected K-12 school districts are scrambling to alert parents and staffs.

Education 115

Education Ransomware Software Data privacy 115

Tech Republic Security

FEBRUARY 7, 2023

These ransomware infections on VMware ESXi software are due to a vulnerability that has existed since 2021. The post Massive ransomware operation targets VMware ESXi: How to protect from this security threat appeared first on TechRepublic. Find out the most targeted countries and how to secure your organization.

Ransomware 193

Ransomware Software Cybersecurity Network Security 193

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches 293

Data breaches Banking Cybercrime Advertising 293

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The victim shaming website for the Snatch ransomware gang. com and www-discord[.]com. the now-defunct pittsburghcitygirls[.]com).

Ransomware 314

Ransomware Internet Internet Phishing 314

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 68

Ransomware Encryption Cryptocurrency Insurance 68

eSecurity Planet

NOVEMBER 12, 2024

Aside from antivirus, Norton offers ransomware and hacking protection, privacy monitoring, and a VPN. Norton has multiple training videos and help articles for using the software, and it offers phone, email, and chat options for customer support. Norton Overview Better for Ease of Use & Customer Support Overall Rating: 4.2/5

Antivirus 64

Antivirus Software Identity Theft VPN 64

Security Affairs

MARCH 24, 2025

“In this scenario, criminals use free online document converter tools to load malware onto victims computers, leading to incidents such as ransomware.” ” Victims often realize too late that malware has infected their devices, leading to ransomware or identity theft. ” reads the alert.

Malware 114

Malware Scams Identity Theft Antivirus 114

The Last Watchdog

DECEMBER 16, 2024

Williams Dr. Darren Williams , CEO, BlackFog Lesser-known ransomware groups like Hunters International will grow rapidly, leveraging AI for more efficient attacks, while “gang-hopping” by cybercriminals complicates attribution and containment. This empowers them to proactively prioritize what matters most.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

The Last Watchdog

JUNE 20, 2022

I had the chance at RSA Conference 2022 to visit with John Shier, senior security advisor at Sophos, a security software and hardware company. Or the payload might be a data exfiltration routine — or a full-blown ransomware attack. Speaking of ransomware, cyber extortion continues to persist at a plague level.

Ransomware 235

Ransomware Digital transformation Marketing Software 235

Tech Republic Security

OCTOBER 17, 2024

Attackers launched 600 million cybercriminal and nation-state threats on Microsoft customers daily, including ransomware attacks, in the last year, according to the tech giant.

Ransomware 202

Ransomware Artificial Intelligence Software 202