Security News
Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group. "We can confirm that LockBit's services have been disrupted as a result of International Law Enforcement action - this is an ongoing and developing operation," the page states, promising that more information will be revealed at 11:30 GMT on Tuesday February 20.
"Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as ''Operation Cronos.""We can confirm that Lockbit's services have been disrupted as a result of International Law Enforcement action - this is an ongoing and developing operation."
The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant's Sustainability Business division on January 17th. The gang is now extorting the company, threatening to leak all the allegedly stolen data if a ransom demand is not paid.
The Department of State announced last week that it was offering $10 million for information identifying key leaders in the ALPHV ransomware gang or their locations, and $5 million for information leading to the arrest or conviction of anyone "Participating in or conspiring or attempting" to use the gang's notorious ransomware. ALPHV has made a habit of going after critical infrastructure targets, and last week claimed responsibility for an attack on the company operator of the Canadian Trans-Northern Pipelines, allegedly stealing around 190GB of data.
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. LoanDepot revealed on January 22 that at least 16.6 million people had their personal information stolen in the ransomware attack they confirmed on January 8, two days after disclosing it as a "Cyber incident" on January 6.
Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation. The Alpha ransomware operation emerged in February 2023 but kept a low profile, didn't promote on hacker forums, nor did its operators carry out many attacks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)...
The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. An additional $5 million bounty is also available for tips on individuals trying to take part in ALPHV ransomware attacks, likely to discourage affiliates and initial access brokers.
The LockBit ransomware gang claims to be behind the recent cyberattack on Fulton County, Georgia, and is threatening to publish "Confidential" documents if a ransom is not paid. Fulton County has a population of a little over one million and it is the largest county in Georgia and the home of the state capital, Atlanta.
The Romanian national cybersecurity agency has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider. All hospitals caught up in the ransomware scourge are thought to have been breached via the HIS. Per legal reporting obligations in Romania, service providers must inform the DNSC and national CSIRT of incidents that significantly impact the continuity of essential services.