Security News

LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions
2023-03-18 05:17

U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise and tactics, techniques, and procedures associated with the notorious LockBit 3.0 ransomware. "The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service model and is a continuation of previous versions of the ransomware, LockBit 2.0, and LockBit," the authorities said.

LockBit ransomware claims Essendant attack, company says  “network outage”
2023-03-15 18:50

LockBit ransomware has claimed a cyber attack on Essendant, a wholesale distributer of office products after a "Significant" and ongoing outage knocked the company's operations offline. As earlier reported by BleepingComputer, Essendant's wide-spread network outage has been preventing placement or fulfillment of online orders, and impacting both the company's customers and suppliers.

The Prolificacy of LockBit Ransomware
2023-03-14 11:52

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022.

LockBit brags: We'll leak thousands of SpaceX blueprints stolen from supplier
2023-03-13 23:40

Ransomware gang Lockbit has boasted it broke into Maximum Industries, which makes parts for SpaceX, and stole 3,000 proprietary schematics developed by Elon Musk's rocketeers. The prolific cybercrime crew also mocked the SpaceX supremo, and threatened to leak or sell on the blueprints from March 20 if the gang's demands to pay up aren't met.

New Exfiltrator-22 post-exploitation kit linked to LockBit ransomware
2023-02-27 20:04

Threat actors are promoting a new 'Exfiltrator-22' post-exploitation framework designed to spread ransomware in corporate networks while evading detection. Threat analysts at CYFIRMA claim that this new framework was created by former Lockbit 3.0 affiliates who are experts in anti-analysis and defense evasion, offering a robust solution in exchange for a subscription fee.

LockBit's Royal Mail ransom deadline flies by. No data released
2023-02-13 12:38

In brief The notorious LockBit ransomware gang has taken credit for an attack on the Royal Mail - but a deadline it gave for payment has come and gone with nothing exposed to the web except the group's claims. LockBit even published a page bragging of an attack against fintech firm ION without directly acknowledging the Royal Mail attack earlier this week - though that's now changed, according to Reuters.

LockBit ransomware gang claims Royal Mail cyberattack
2023-02-07 09:22

The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "Severe service disruption." This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail.

LockBit brags it pumped ION full of ransomware
2023-02-03 07:30

UK regulators are investigating a cyberattack against financial technology firm ION, while the LockBit ransomware gang has threatened to publish the stolen data on February 4 if the software provider doesn't pay up. According to a statement posted on ION Market's website, its ION Cleared Derivatives division "Experienced a cybersecurity event" on January 31.

LockBit ransomware goes 'Green,' uses new Conti-based encryptor
2023-02-01 22:48

The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware. This week, cybersecurity collective VX-Underground first reported that the ransomware gang is now using a new encryptor named 'LockBit Green,' based on the leaked source code of the now-disbanded Conti gang.

The Week in Ransomware - January 13th 2023 - LockBit in the spotlight
2023-01-14 00:17

The LockBit ransomware operation has again taken center stage in the ransomware news, as we learned yesterday they were behind the attack on Royal Mail. Yesterday, we learned that this disruption was caused by a LockBit ransomware attack that encrypted the computers used to print customs dockets required for international shipping.