Hacker News with Generative AI: Ransomware

Coinbase says hackers bribed staff to steal customer data, demanding $20M ransom (cnbc.com)
CPU ransomware can "bypass every traditional technology we have out there" (tomshardware.com)
Unending ransomware attacks are a symptom, not the sickness (theregister.com)
LockBit Hacked – Plaintext Passwords (gbhackers.com)
The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber extortion rings, has itself become the victim of a major cyberattack.
Chaos spreads at Co-op and M&S following DragonForce ransomware attacks (computerweekly.com)
The bank holiday weekend saw continuing disruption from a series of cyber attacks on the UK retail sector that have unfolded over the past fortnight, with gaps appearing on shelves at Marks and Spencer (M&S) and Co-op.
Ransomware Gangs Weaponize Employee Burnout to Breach Corporate Defenses (secureworld.io)
Burnout isn't just killing productivity—it's breaking cybersecurity wide open, with 65% of security professionals reporting increased pressure and stress.
Simulating, Detecting and Responding to S3 Ransomware Attacks (raphabot.com)
I am fascinated by the world of possibilities that Cloud Computing enables people and organizations to achieve. When it comes to security, tools and frameworks such as the Shared Responsibility Model make following good security practices easier than ever. I am equally fascinated by new attack vectors that Cloud Computing enables bad actors to achieve, though.
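An added example, not code from the linked post: a detection heuristic run over constructed CloudTrail-style S3 records. It scores each IAM principal for three patterns a practitioner would want to catch early in an S3 ransomware scenario: a burst of object deletions, a burst of overwrites using customer-supplied keys (SSE-C, so AWS never holds the key), and a lifecycle rule pushed by the same principal that has just been writing or deleting. Event and field names follow CloudTrail's S3 data-event format (`eventName`, `eventSource`, `userIdentity.arn`, `requestParameters`), but the SSE-C parameter name, the thresholds and the sample events are assumptions for illustration.

```python
"""Heuristic detection of S3 ransomware activity in CloudTrail-style events.

Added example, not from the linked post. Sample records are constructed;
thresholds and the SSE-C parameter name are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

DELETE_THRESHOLD = 20          # deletes by one principal inside WINDOW (assumed)
SSEC_THRESHOLD = 20            # SSE-C writes by one principal inside WINDOW (assumed)
WINDOW = timedelta(minutes=5)
SSEC_PARAM = "x-amz-server-side-encryption-customer-algorithm"  # assumed field name


def principal_of(event):
    ident = event.get("userIdentity") or {}
    return ident.get("arn") or ident.get("accessKeyId") or "unknown"


def event_time(event):
    return datetime.strptime(event["eventTime"], "%Y-%m-%dT%H:%M:%SZ")


def burst_detected(times, threshold, window):
    """True if at least `threshold` timestamps fall inside one sliding `window`."""
    times = sorted(times)
    start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        if end - start + 1 >= threshold:
            return True
    return False


def analyze(events):
    """Return one alert dict per (principal, pattern) that fires."""
    by_principal = defaultdict(list)
    for ev in events:
        if ev.get("eventSource") == "s3.amazonaws.com":
            by_principal[principal_of(ev)].append(ev)

    alerts = []
    for principal, evs in by_principal.items():
        deletes, ssec, lifecycle = [], [], []
        for ev in evs:
            name = ev.get("eventName", "")
            params = ev.get("requestParameters") or {}
            if name in ("DeleteObject", "DeleteObjects"):
                deletes.append(event_time(ev))
            elif name in ("PutObject", "CopyObject") and params.get(SSEC_PARAM):
                ssec.append(event_time(ev))
            elif name in ("PutBucketLifecycle", "PutBucketLifecycleConfiguration"):
                lifecycle.append(params.get("bucketName"))
        if burst_detected(deletes, DELETE_THRESHOLD, WINDOW):
            alerts.append({"principal": principal, "pattern": "mass_delete", "count": len(deletes)})
        if burst_detected(ssec, SSEC_THRESHOLD, WINDOW):
            alerts.append({"principal": principal, "pattern": "ssec_rewrite", "count": len(ssec)})
        if lifecycle and (deletes or ssec):
            # A lifecycle rule from a principal that is also rewriting/deleting is how
            # an attacker schedules destruction of what the SSE-C copies replaced.
            alerts.append({"principal": principal, "pattern": "lifecycle_after_write",
                           "buckets": sorted({b for b in lifecycle if b})})
    return alerts


def sample_events():
    """Constructed CloudTrail-style records (not real logs)."""
    base = datetime(2025, 3, 1, 12, 0, 0)
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    attacker = {"arn": "arn:aws:iam::111122223333:user/stolen-key"}
    legit = {"arn": "arn:aws:iam::111122223333:role/backup-writer"}
    evs = []
    for i in range(25):   # attacker re-uploads objects under its own SSE-C key
        evs.append({"eventTime": (base + timedelta(seconds=2 * i)).strftime(fmt),
                    "eventSource": "s3.amazonaws.com", "eventName": "PutObject",
                    "userIdentity": attacker,
                    "requestParameters": {"bucketName": "corp-data", "key": f"docs/{i}.pdf",
                                          SSEC_PARAM: "AES256"}})
    for i in range(25):   # then deletes the originals
        evs.append({"eventTime": (base + timedelta(seconds=60 + 2 * i)).strftime(fmt),
                    "eventSource": "s3.amazonaws.com", "eventName": "DeleteObject",
                    "userIdentity": attacker,
                    "requestParameters": {"bucketName": "corp-data", "key": f"docs/{i}.pdf"}})
    evs.append({"eventTime": (base + timedelta(seconds=150)).strftime(fmt),
                "eventSource": "s3.amazonaws.com", "eventName": "PutBucketLifecycle",
                "userIdentity": attacker,
                "requestParameters": {"bucketName": "corp-data",
                                      "LifecycleConfiguration": {"Rule": {"Expiration": {"Days": 7}}}}})
    for i in range(5):    # normal SSE-S3 writes by a backup role: must not fire
        evs.append({"eventTime": (base + timedelta(minutes=i)).strftime(fmt),
                    "eventSource": "s3.amazonaws.com", "eventName": "PutObject",
                    "userIdentity": legit,
                    "requestParameters": {"bucketName": "corp-data", "key": f"backups/{i}.tar",
                                          "x-amz-server-side-encryption": "AES256"}})
    return evs


if __name__ == "__main__":
    for alert in analyze(sample_events()):
        print(alert)
```

Note that S3 data events are not logged by CloudTrail unless enabled for the bucket or trail; without them only the lifecycle change would be visible, which is why the check ties the lifecycle write back to the same principal's object operations rather than treating it alone as conclusive.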
DOGE-Trolling Ransomware Hackers Demand $1T in Chilling Attack (forbes.com)
The same criminal group behind the DOGE Big Balls ransomware attack has just upped the ante. A newly updated ransom note sent to victims is now trolling Elon Musk and DOGE by demanding a ridiculous extortion fee of, and I trust you are sitting down, one trillion dollars from victims. This one has Dr Evil written all over it.
Microsoft warns how domain controllers can be used to spread ransomware (scworld.com)
Microsoft is warning of the threat posed by attacks targeting domain controllers and the critical role compromises on those systems can play in network attacks.
Leaked messages expose trade secrets of prolific Black Basta ransomware group (arstechnica.com)
A leak of 190,000 chat messages traded among members of the Black Basta ransomware group shows that it’s a highly structured and mostly efficient organization staffed by personnel with expertise in various specialities, including exploit development, infrastructure optimization, social engineering, and more.
NSA warns "fast flux" threatens national security (arstechnica.com)
A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned.
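Fast flux hides the real hosting behind a domain by cycling its A records rapidly across many compromised hosts with short TTLs. As an added example, not from the article or the NSA advisory, the heuristic below profiles constructed passive-DNS-style lookup records and flags domains whose successive resolutions return many distinct addresses spread across many /24 networks with a short median TTL. Thresholds, record layout and the addresses (drawn from the 100.64.0.0/10 shared range so nothing real is named) are assumptions. The caveat a practitioner needs is built in: a short TTL alone is not evidence, since CDNs and load balancers use short TTLs too, so network diversity is required as well.

```python
"""Fast-flux heuristic over passive-DNS-style lookup records.

Added example, not from the article. Records are constructed; thresholds are
assumptions chosen for illustration.
"""
from collections import defaultdict
import ipaddress
from statistics import median

MIN_UNIQUE_IPS = 10     # distinct A records seen across lookups (assumed)
MIN_UNIQUE_NETS = 5     # distinct /24 networks those records span (assumed)
MAX_MEDIAN_TTL = 600    # seconds (assumed)


def slash24(ip):
    """Collapse an IPv4 address to its /24 so CDN pools in one block count once."""
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))


def profile(records):
    """Aggregate per query name: unique IPs, unique /24s, TTLs, lookup count."""
    agg = defaultdict(lambda: {"ips": set(), "nets": set(), "ttls": [], "lookups": 0})
    for rec in records:
        d = agg[rec["qname"]]
        d["lookups"] += 1
        d["ttls"].append(rec["ttl"])
        for ip in rec["answers"]:
            d["ips"].add(ip)
            d["nets"].add(slash24(ip))
    return agg


def flux_domains(records):
    """Return {qname: stats} for names matching the fast-flux profile."""
    flagged = {}
    for qname, d in profile(records).items():
        med_ttl = median(d["ttls"])
        if (len(d["ips"]) >= MIN_UNIQUE_IPS
                and len(d["nets"]) >= MIN_UNIQUE_NETS
                and med_ttl <= MAX_MEDIAN_TTL):
            flagged[qname] = {"unique_ips": len(d["ips"]),
                              "unique_nets": len(d["nets"]),
                              "median_ttl": med_ttl,
                              "lookups": d["lookups"]}
    return flagged


def sample_records():
    """Constructed lookups: one fluxing name, one CDN-like name, one static name."""
    recs = []
    # Fluxing name: every lookup returns three fresh addresses in different /24s.
    for i in range(6):
        recs.append({"qname": "update-check.example", "ttl": 300,
                     "answers": [f"100.64.{i * 3 + j}.{20 + i}" for j in range(3)]})
    # CDN-like name: short TTL but the same four addresses in a single /24.
    pool = [f"100.65.1.{h}" for h in (10, 11, 12, 13)]
    for i in range(6):
        recs.append({"qname": "static.cdn.example", "ttl": 60,
                     "answers": [pool[i % 4], pool[(i + 1) % 4]]})
    # Static name: one address, long TTL.
    for _ in range(3):
        recs.append({"qname": "www.example", "ttl": 86400, "answers": ["100.66.0.5"]})
    return recs


if __name__ == "__main__":
    for name, stats in flux_domains(sample_records()).items():
        print(name, stats)
```

In production the same aggregation would run over resolver logs or a passive-DNS feed, and ASN diversity (which needs an external lookup, omitted here) is a stronger signal than /24 diversity for the same reason.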
Crimelords at Hunters International tell lackeys ransomware too 'risky' (theregister.com)
Big-game ransomware crew Hunters International says its criminal undertaking has become "unpromising, low-converting, and extremely risky," and it is mulling shifting tactics amid an apparent rebrand.
You Have 7 Days to Act Following Gmail Lockout Hack Attacks, Google Says (forbes.com)
As the FBI takes the unusual step of warning users of webmail platforms, including Gmail, to enable two-factor authentication in the light of a dangerous new ransomware threat campaign, Google email users still have more mundane hacking threats on their minds.
VSCode extensions found downloading early-stage ransomware (bleepingcomputer.com)
Two malicious VSCode Marketplace extensions were found deploying in-development ransomware, exposing critical gaps in Microsoft's review process.
Hack: 6M Records for Sale Exfiltrated from Oracle Cloud Affecting 140k+ Tenants (cloudsek.com)
CloudSEK reports a major breach targeting Oracle Cloud, with 6 million records exfiltrated via a suspected undisclosed vulnerability. Over 140,000 tenants are said to be affected, and the attacker is demanding ransom and marketing the data online.
Akira ransomware can be cracked with sixteen RTX 4090 GPUs in around ten hours (tomshardware.com)
Decrypting encrypted files from Akira ransomware using a bunch of GPUs (tinyhack.com)
I recently helped a company recover their data from the Akira ransomware without paying the ransom. I’m sharing how I did it, along with the full source code.
Ransomware gang encrypted network from a webcam to bypass EDR (bleepingcomputer.com)
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.
FBI Says Backup Now–Advisory Warns of Dangerous Ransomware Attacks (forbes.com)
The FBI warns organizations to back up now.
A trove of leaked Black Basta logs expose the ransomware gang's members, victims (techcrunch.com)
A trove of chat logs allegedly belonging to the Black Basta ransomware group has leaked online, exposing key members of the prolific Russia-linked gang.
US publisher uses linguistic gymnastics to avoid saying outage due to ransomware (theregister.com)
US newspaper publisher Lee Enterprises is blaming its recent service disruptions on a "cybersecurity attack," per a regulatory filing, and is the latest company to avoid using the dreaded R word.
Ministers consider ban on all UK public bodies making ransomware payments (theguardian.com)
Schools, the NHS and local councils will be banned from making ransomware payments under government proposals to tackle hackers.
US Charges Russian and Israeli National as Developer of LockBit Ransomware Group (justice.gov)
“The Justice Department’s work going after the world’s most dangerous ransomware schemes includes not only dismantling networks, but also finding and bringing to justice the individuals responsible for building and running them,” said Attorney General Merrick B. Garland. “Three of the individuals who we allege are responsible for LockBit’s cyberattacks against thousands of victims are now in custody, and we will continue to work alongside our partners to hold accountable all those who lead and enable ransomware attacks.”
Vodka maker Stoli says August ransomware attack contributed to bankruptcy filing (therecord.media)
A ransomware attack on the multinational Stoli Group in August helped push two of the vodka-maker’s U.S. subsidiaries into bankruptcy, the company’s CEO said last week.
U.S. Offered $10M for Hacker Just Arrested by Russia (krebsonsecurity.com)
In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.
Vodka maker Stoli files for bankruptcy in US after ransomware attack (bleepingcomputer.com)
Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country.
US extradites Russian for extorting millions in Phobos ransomware payments (techcrunch.com)
The U.S. government has secured the extradition of an alleged Russian hacker who allegedly served as a key administrator of the prolific Phobos ransomware operation.