Security News

Russians plead guilty to involvement in LockBit ransomware attacks
2024-07-19 11:31

Two Russian nations have pleaded guilty to involvement in many LockBit ransomware attacks, which targeted victims worldwide and across the United States. LockBit affiliates like Vasiliev and Astamirov would identify and breach vulnerable systems on victims' networks, steal sensitive stored data, and help deploy ransomware payloads to encrypt files.

Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs
2024-07-18 13:40

Prolific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs. AvNeutralizer malware was previously thought to be solely linked to the Black Basta group, but fresh research has uncovered various underground forum listings of the malicious software now believed to be created by FIN7 operatives.

Ransomware continues to pile on costs for critical infrastructure victims
2024-07-17 15:01

Costs associated with ransomware attacks on critical national infrastructure organizations skyrocketed in the past year. There's a good chance that the numbers would be skewed if 100 percent of the total CNI ransomware victims polled were entirely transparent with their figures.

Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
2024-07-17 05:50

The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the...

Microsoft links Scattered Spider hackers to Qilin ransomware attacks
2024-07-16 13:40

Microsoft says the Scattered Spider cybercrime gang has added Qilin ransomware to its arsenal and is now using it in attacks. "In the second quarter of 2024, financially motivated threat actor Octo Tempest, our most closely tracked ransomware threat actor, added RansomHub and Qilin to its ransomware payloads in campaigns," Microsoft said Monday.

SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks
2024-07-15 14:27

The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks. The ransomware operation was given the name SEXi based on the SEXi.txt ransom note name and the.

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
2024-07-15 05:10

Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis.

Rite Aid confirms data breach after June ransomware attack
2024-07-12 18:49

Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. The company told BleepingComputer on Friday that it's currently investigating a cyberattack detected in June and working on sending data breach notifications to customers affected by the resulting data breach.

ARRL finally confirms ransomware gang stole data in cyberattack
2024-07-11 21:32

The American Radio Relay League (ARRL) finally confirmed that some of its employees' data was stolen in a May ransomware attack initially described as a "serious incident." [...]

Dallas County: Data of 200,000 exposed in 2023 ransomware attack
2024-07-11 17:15

Dallas County is notifying over 200,000 people that the Play ransomware attack, which occurred in October 2023, exposed their personal data to cybercriminals. Dallas County is the second largest county in Texas, with over 2.6 million residents.