Security News

PandaBuy pays ransom to hacker only to get extorted again
2024-06-06 15:18

Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat actor to extort the company again this week. On March 31, 2024, a threat actor using the alias 'Sanggiero' published 3 million rows of data stolen from PandaBuy on BreachForums, exposing customer names, phone numbers, email addresses, login IP addresses, home addresses, and order details.

Cybercriminals shift tactics to pressure more victims into paying ransoms
2024-05-20 04:00

Ransomware didn't just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. Double leverage attacks - those using both data encryption and exfiltration - also grew by 51% in 2023, demonstrating that threat actors shifted their tactics to pressure more victims into paying ransoms.

Ransom recovery costs reach $2.73 million
2024-05-03 05:00

Excluding ransoms, the survey found the average cost of recovery reached $2.73 million, an increase of almost $1 million since the $1.82 million that Sophos reported in 2023. 46% of organizations with revenue of less $50 million received a seven-figure ransom demand in the last year.

UnitedHealth CEO: 'Decision to pay ransom was mine'
2024-04-30 19:51

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
2024-04-23 10:22

Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a...

Ransomware group maturity should influence ransom payment decision
2024-04-11 13:07

Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers' servers, and/or not leaked online. The decision will depend on a variety of factors but, according to GuidePoint Security, an important one should be the overall maturity and prominence of the ransomware operators who pulled off the attack.

INC Ransom claims to be behind 'cyber incident' at UK city council
2024-04-02 11:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

INC Ransom claims responsibility for attack on NHS Scotland
2024-03-28 10:27

NHS Scotland says it managed to contain a ransomware group's malware to a regional branch, preventing the spread of infection across the entire institution.The INC Ransom group this week claimed responsibility for the assault on 'NHS Scotland', saying it stole 3TB worth of data while leaking a small number of sensitive files.

INC Ransom threatens to leak 3TB of NHS Scotland stolen data
2024-03-27 17:59

The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service of Scotland. In a post yesterday, the cybercriminals shared multiple images containing medical details and said that they would leak data "Soon," unless the NHS pays a ransom.

BlackCat ransomware turns off servers amid claim they stole $22 million ransom
2024-03-04 17:44

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million. Today, BleepingComputer confirmed the ransomware operations negotiation sites are now shut down as well, indicating a further deliberate take down of the ransomware gang's infrastructure.