Security News
An Ottawa man convicted on charges related to a ransomware attack affecting hundreds of victims was sentenced to two years behind bars on Friday. The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware.
Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.Spanning 55 countries, from Albania to Australia, Operation Synergia identified more than 1,300 malicious servers, dismantling more than 70 percent of those used as part of command and control infrastructure that supported phishing, banking malware, and ransomware.
An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs. The law enforcement...
Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.Stooping to new lows, the criminals are reportedly unwilling to reverse the attack on Saint Anthony Hospital, as they had done in previous cases such as Toronto's SickKids hospital.
The data from ransomware response and negotiation company Coveware continues a downward trend since it began monitoring in 2019, when it said the rate of companies choosing to pay ransomware actors was a whopping 85 percent. Along with a decrease in overall ransomware payments, Coveware found that payments for data exfiltration-only incidents also hit an all-time low since it began tracking them in 2022.
Security researchers believe the Akira ransomware group could be exploiting a nearly four-year-old Cisco vulnerability and using it as an entry point into organizations' systems. In eight of security company TrueSec's most recent incident response engagements that involved Akira and Cisco's AnyConnect SSL VPN as the entry point, at least six of the devices were running versions vulnerable to CVE-2020-3259, which was patched in May 2020.
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.As first reported by BleepingComputer, Johnson Controls suffered a ransomware attack in September after the firm's Asia offices were initially breached, and the attackers spread throughout their network.
White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. Intermittent encryption occurs when ransomware chooses not to encrypt every part of each file but instead encrypts sections, frequently in blocks of a set size or just the start of the targeted files.
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The online version has a file size limit of 10MB, so if you're looking to decrypt larger files or virtual machines, the GitHub version is the only way to go.
In this Help Net Security video, Yochai Corem, CEO of Cyberint, explores the ransomware environment's development, effects, and emerging patterns throughout the previous year. 2023 marked a historic high for ransomware groups, with a 55.5% increase in attacks, reaching 4,368 victims globally, according to Cyberint.