Security News

After the Conti suffered a massive data breach, the ransomware operation shut down and its members splintered into different groups or launched their own ransomware operations. Ransomware phishing attacks also took front stage this week, with the Phorpiex botnet sending millions of emails that led to LockBit Black ransomware attacks, with the encryptor believed to have been created using LockBit's leaked source code.

A joint cybersecurity advisory from the Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human services and Multi-State Information Sharing and Analysis Center was recently released to provide more information about the Black Basta ransomware. According to cybersecurity company SentinelOne, Black Basta is highly likely tied to FIN7, a threat actor also known as "Carbanak," active since 2012 and affiliated with several ransomware operations.

In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After a down year in 2022, ransomware and extortion incidents increased in 2023.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Today, the company announced that it has been indirectly impacted by a cybersecurity incident on one of its service providers, that has resulted in a data breach.In a short announcement, the Australian NCSC said that "a commercial health information organisation" reported being "The victim of a large-scale ransomware data breach incident."

The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering...

Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.

Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. During this voice phishing attack, the attackers trick the victims into granting them access to their Windows devices by launching the Quick Assist built-in remote control and screen-sharing tool.

In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape. In January, Corvus reported that global ransomware attacks in 2023 set a record high, surpassing 2022 by close to 70%. According to the data, 1,075 leak site ransomware victims were posted on leak sites during the first quarter of 2024, despite the disruption of two major ransomware groups, LockBit and ALPHV/BlackCat, which accounted for 22% and 8% of the activity, respectively.

The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023. [...]