Security News

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of the Qakbot botnet has had one notable effect: ransomware affiliates have switched to vulnerability exploitation as the primary method of delivering the malware. The researchers pointed out other current trends related to ransomware attacks: the attackers' use of vulnerable drivers, legitimate remote desktop tools, custom data exfiltration tools, and abuse of built-in Windows utilities to steal credentials.

LockBit ransomware could be deployed through compromised website links, phishing, credential theft or other methods. Must-read security coverage LockBit website shut down.

The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its...

LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said....

On Monday afternoon, LockBit's leak site has been taken over by a coalition of law enforcement agencies and is showing a seizure notice that promises more details today, at 11:30 GMT. "This site is now under the control of The National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force, 'Operation Cronos'," the notice says. "We can confirm that Lockbit's services have been disrupted as a result of International Law Enforcement action - this is an ongoing and developing operation."

An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of...

In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some of these operations were more successful than others, law enforcement has been increasingly using hack-back tactics to infiltrate operations and disrupt them.

The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. Over the past 18 months, ALPHV/Blackcat has emerged as the second most prolific ransomware-as-a-service variant in the world based on the hundreds of millions of dollars in ransoms paid by victims around the world.

A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. BleepingComputer suspects that the ransomware gang may have suffered potential law enforcement action after their recent activities, which was also hinted at by others.

Considering the phenomenal increase in mobile and IoT devices, data traffic subscribers, and SIM connections, how have the security challenges evolved for telecom providers? Regardless of the security of the network connection, the consumer should be provided with the protection they need to keep them and their data safe.