Security News

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack
2024-02-29 12:41

The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group, causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US. ALPHV/BlackCat is back. 3000+ source code files for Change Healthcare solutions.

Back from the dead: LockBit taunts cops, threatens to leak Trump docs
2024-02-26 19:14

Officials have until March 2 to cough up or stolen data gets leaked LockBit claims it's back in action just days after an international law enforcement effort seized the ransomware gang's servers...

LockBit leak site is back online
2024-02-26 14:02

LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with lists of victims expected to be unveiled in the coming days. Last week, Operation Cronos hit LockBit hard by taking over their leak site and affiliate panel, disrupting part of their infrastructure, and arresting some suspected affiliates.

LockBit extorted billions of dollars from victims, fresh leaks suggest
2024-02-23 22:30

The analysis showed addresses held around £100 million, £90 million of which was unspent, comprised largely of the payments made to LockBit by affiliates who were paid by victims. Although the cut taken by LockBit typically varies, around 20 percent of the total ransom fee is paid to the LockBit organization, while the affiliate who actually carried out the attack keeps the remainder.

Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing's cyber-attackers for hire
2024-02-22 06:31

A cache of stolen document posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. Analysis of the docs by infosec vendor SentinelOne characterizes I-Soon as "a company who competes for low-value hacking contracts from many government agencies."

LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware
2024-02-21 14:07

The latest revelation from law enforcement authorities in relation to this week's LockBit leaks is that the ransomware group had registered nearly 200 "Affiliates" over the past two years. List of LockBit 3.0 affiliates published by the NCA. The FBI first started investigating LockBit in 2020, and the group has since developed new variants of its ransomware, the latest of which was released in mid-2022, so the data shared today likely shows all the affiliates that have ever deployed the most recent version of LockBit.

Knight ransomware source code for sale after leak site shuts down
2024-02-20 16:28

The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation. Knight ransomware launched at the end of July 2023 as a re-brand of the Cyclops operation, targeting Windows, macOS, and Linux/ESXi systems.

Infosys subsidiary named as source of Bank of America data leak
2024-02-13 05:28

Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America. Infosys disclosed the breach in a November 3, 2023, filing [PDF] that revealed its US subsidiary Infosys McCamish Systems LLC "Has become aware of a cyber security incident resulting in non-availability of certain applications and systems in IMS.".

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
2024-01-29 13:31

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked...

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks
2024-01-17 15:32

A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space. [...]