Security News

LockBit alleges it boarded Boeing, stole 'sensitive data'
2023-10-30 02:30

"Security In Brief Notorious ransomware gang LockBit has reportedly exfiltrated"a tremendous amount of sensitive data from aerospace outfit Boeing. VX underground published a screenshot of Lockbit's announcement, and threat to expose data if Boeing does not engage with it by November 2nd. Boeing has told US media it is investigating Lockbit's claims.

CDW data to be leaked next week after negotiations with LockBit break down
2023-10-06 13:21

CDW, one of the largest resellers on the planet, will have its data leaked by LockBit after negotiations over the ransom fee broke down, a spokesperson for the cybercrime gang says. LockBit did not respond to questions relating to what its original ransom demand was or what CDW offered in the negotiations.

Attackers use fallback ransomware if LockBit gets blocked
2023-09-14 10:06

Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec's threat researchers, some affiliates are using the 3AM ransomware as a fallback option in case LockBit gets flagged and blocked. LockBit is a known ransomware family that has been unleashing havoc for quite some time now.

Hackers use new 3AM ransomware to save failed LockBit attack
2023-09-13 12:29

A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed to deploy LockBit ransomware on a target network. Researchers say in a report today that the new malware "Has only been used in a limited fashion" and it was a ransomware affiliate's fallback when defense mechanisms blocked LockBit.

LockBit leaks sensitive data from maximum security fence manufacturer
2023-09-05 14:19

The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company network. "At the time of the attack, we believed that our cyber-security software had thwarted any transfer of data. However, we can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data. LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised."

Spain warns of LockBit Locker ransomware phishing attacks
2023-08-28 18:25

The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country through phishing emails. BleepingComputer's analysis shows that the executed Python script will check if the user is an admin of the device, and if so, make modifications to the system for persistence and then executes the 'LockBit Locker' ransomware to encrypt files.

LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
2023-08-26 10:26

The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants. Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure.

Akamai Report: LockBit, Cl0P Expand Ransomware Efforts
2023-08-19 16:29

Phishing is so last year: Akamai's report finds that zero-day and one-day vulnerabilities caused a 143% increase in total ransomware victims. Akamai's ransomware report released at Black Hat 2023 revealed that exploitation of zero-day and one-day vulnerabilities has led to a 143% increase in total ransomware victims with data exfiltration of files at the end of the kill chain, now the primary source of extortion.

The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice
2023-08-18 21:07

While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on...

LockBit louts unload ransomware at Japan’s most prolific cargo port
2023-07-06 03:13

The port of Nagoya - which shifted 2.68 million shipping containers and 164 million tons of cargo in 2022 - has moved precious few in the last 24 hours after finding itself the latest victim of Russia's notorious LockBit ransomware gang. Japanese media have reported substantial disruptions at the port and named LockBit as the culprit.