Security News

LockBit claims attack on California's Department of Finance
2022-12-13 21:24

The Department of Finance in California has been the target of a cyberattack now claimed by the LockBit ransomware gang. California Governor's Office of Emergency Services has confirmed that the Department of Finance has been affected by a cyber incident but did not provide too many details.

LockBit suspect cuffed after ransomware forces emergency services to use pen and paper
2022-11-12 08:57

In Brief A suspected member of the notorious international LockBit ransomware mob has been arrested - and could spend several years behind bars if convicted. "This arrest is the result of over two-and-a-half-years of investigation into the LockBit ransomware group, which has harmed victims in the United States and around the world," said Deputy Attorney General Lisa Monaco.

The Week in Ransomware - November 11th 2022 - LockBit feeling the heat
2022-11-11 22:25

Other reports have linked the Black Basta ransomware to FIN7, warned that Venus ransomware is targeting healthcare, linked the Russian Sandworm hackers with Ukrainian ransomware attacks, and detailed how a threat actor is distributing LockBit through the Amdey botnet. LockBit ransomware claims attack on Continental automotive giant.

Russian-Canadian National Charged Over Involvement in LockBit Ransomware Attacks
2022-11-11 09:19

The U.S. Department of Justice has announced charges against a dual Russian and Canadian national for his alleged participation in LockBit ransomware attacks across the world.Also found were a text file with instructions to deploy LockBit ransomware, the malware's source code, and a website that's believed to be the control panel operated by the group to administer the ransomware.

Russian LockBit ransomware operator arrested in Canada
2022-11-10 15:31

Europol has announced today the arrest of a Russian national linked to LockBit ransomware attacks targeting critical infrastructure organizations and high-profile companies worldwide. "One of the world's most prolific ransomware operators has been arrested on 26 October in Ontario, Canada," Europol said today.

LockBit affiliate uses Amadey Bot malware to deploy ransomware
2022-11-08 22:56

A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. The Amadey Bot malware is an old strain capable of performing system reconnaissance, data exfiltration, and payload loading.

Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines
2022-11-08 14:52

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. The document contains a malicious VBA macro that, when enabled by the victim, runs a PowerShell command to download and run Amadey.

LockBit ransomware claims attack on Continental automotive giant
2022-11-03 18:25

The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental.Since LockBit says that it will publish "All available" data, this indicates that Continental is yet to negotiate with the ransomware operation or it has already refused to comply with the demands.

Pendragon car dealer refuses $60 million LockBit ransomware demand
2022-10-24 14:51

Pendragon Group, with more than 200 car dealerships in the U.K., was breached in a cyberattack from the LockBit ransomware gang, who allegedly demanded $60 million to decrypt files and not leak them. Pendragon owns CarStore, Evans Halshaw, and Stratstone luxury car retailer, that sell brands cars for all budgets, from Jaguar, Porsche, Ferrari, Mercedes-Benz, BMW, Land Rover, or Aston Martin, to Renault, Ford, Hyundai, Nissan, Peugeot, Vauxhall, Citroen, DS, Dacia, and DAF. Pendragon did not provide many details about the security incident and limited the information to saying that there is no impact on operations.

LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites
2022-10-14 08:32

Advanced, a managed software provider to the UK National Health Service, has confirmed that customer data was indeed lifted as part of the attack by cyber baddies that has disrupted operations for months. The incident disrupted healthcare customers, forcing NHS 111 medical services operators, for example, to revert back to pen and paper as digital services went AWOL, sources told us at the time.