Security News

The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. While KADOKAWA revealed that they suffered a ransomware attack, they had not shared what ransomware operation was behind the attack.

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat's transition...

TechRepublic's cheat sheet about ransomware is an overview of this malware threat. As ransomware attacks have grown into the public consciousness, attackers have taken to crafting payloads that clearly indicate that a device has simply been hacked and that victims must pay the hackers to return access.

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. A joint report from SentinelLabs and Recorded Future analysts presents the case of ChamelGang, a suspected Chinese advanced persistent threat that has been using the CatB ransomware strain in attacks that impact high-profile organizations worldwide.

"Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos," said Ismael Valenzuela, VP of Threat Research and Intelligence at BlackBerry. "In a year where over 50 countries are holding elections, geopolitical tensions are at an all-time high, and every nation will soon be fixated on the Olympic Games, the threat landscape can feel overwhelming to navigate. This report provides a snapshot of where threat actors are looking, how they are operating, and what we can expect in the coming months so defenders can be one step ahead," added Valenzuela.

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. Indonesia is working on creating four national data centers to support digital government efforts.

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers. P2PInfect was first documented in July 2023 by Unit 42 researchers, targeting Redis servers using known vulnerabilities.

Some attacks - such as 2021's REvil attack on Kaseya - target backup systems first to ensure that backups will be useless after the malware scrambles production data. According to Veeam's 2023 Ransomware Trends Report, 93 percent of cyber attacks last year targeted backup storage to force ransom payments.