Security News

Read more about a joint operation between several law enforcement agencies across the globe to tackle RedLine Stealer and META malware.

The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay....

The Bumblebee malware loader has been spotted in new attacks recently, more than four months after Europol disrupted it during 'Operation Endgame' in May. [...]

Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken...

After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, according to WithSecure....

Two men have pleaded guilty to hacking into a federal law enforcement database to steal personal information of those they were extorting. The two men, Sagar Steven Singh and Nicholas Ceraolo are members of a hacking group called "ViLE," which accessed the sensitive personal information from the portal and then used it to blackmail the victims, threatening to publish the sensitive data unless they were paid.

Ransomware remains one of the most pressing cybersecurity threats in 2024, with attackers continually evolving their methods to maximize impact and evade detection. In this Help Net Security round-up, we present excerpts from previously recorded videos featuring cybersecurity experts discussing ransomware-related topics such as payment practices, the recent surge in ransomware attacks, and more.

According to the report, among organizations surveyed, 97% of those hit by ransomware over the past year engaged with law enforcement and/or official government bodies for help with the attack. 59% of those organizations that did engage with law enforcement found the process easy or somewhat easy.

Despite significant disruptions for high-profile ransomware gangs LockBit and BlackCat, Q1 2024 became the most active first quarter ever recorded - a 21% increase over Q1 2023, according to Corvus Insurance. In January, Corvus reported that global ransomware attacks in 2023 set a record high, surpassing 2022 by close to 70%. The Q1 Ransomware Report shows that 2024 is picking up right where 2023 left off.

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The researchers pointed out other current trends related to ransomware attacks: the attackers' use of vulnerable drivers, legitimate remote desktop tools, custom data exfiltration tools, and abuse of built-in Windows utilities to steal credentials.