Security News

Pay, fight, or stall? The dilemma of ransomware negotiations
2025-03-17 06:00

Ransomware negotiations are a high-stakes game where every decision matters. In this Help Net Security video, Kurtis Minder, CEO at GroupSense, takes us inside the world of ransomware...

New Akira ransomware decryptor cracks encryptions keys using GPUs
2025-03-15 14:16

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. [...]

Ransomware gang creates tool to automate VPN brute-force attacks
2025-03-14 16:55

The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. [...]

Suspected LockBit ransomware dev extradited to United States
2025-03-14 14:22

A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. [...]

Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
2025-03-14 11:25

Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief...

New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
2025-03-14 11:01

It's March already and you haven't patched? Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January.…

New SuperBlack ransomware exploits Fortinet auth bypass flaws
2025-03-13 19:57

A new ransomware operator named 'Mora_001' is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. [...]

Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand
2025-03-13 08:26

Feds warn gang still rampant and now cracked 300+ victims around the world A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the usual two,...

CISA: Medusa ransomware hit over 300 critical infrastructure orgs
2025-03-12 19:26

CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. [...]

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
2025-03-07 14:15

Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous...