Security News

From the outside, at least, it appears that Caesars suffered minimal pain and business disruption primarily because it decided to pay the ransom. "Paying a ransom is like cutting the cheese in a packed elevator: it makes other people suffer," Emsisoft threat analyst Brett Callow told The Register.

The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve. "Additionally, winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are not available on our website or mobile app but can be checked at any Ohio Lottery Retailer."

German hospital network Katholische Hospitalvereinigung Ostwestfalen has confirmed that recent service disruptions at three hospitals were caused by a Lockbit ransomware attack. It severely impacted the systems that support the operations of three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.

The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify...

The FBI revealed this week that they hacked the BlackCat/ALPHV ransomware operation, which raked in $300 million from over 1,000 victims. Retrieving 400 decryption keys and likely more data from the hacked servers has significantly tarnished the ransomware operation's reputation.

Today, the Akira ransomware gang claimed that it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan.The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom.

Regardless, many are skeptical of the ransomware group's explanation that a "Hardware fault" was to blame, and rumors that police infiltrated the ring are still wafting throughout the industry. It's generally understood, by the good guys and the bad, that the cybercrime underworld is teeming with researchers trying to unearth secrets from ransomware groups and as a result, it's becoming a vastly more difficult feat to infiltrate them.

The ransomware group, which has distributed ransomware to more than 1,000 victims, reportedly recovered control of its website on Tuesday. On Dec. 19, the Department of Justice announced the FBI had been working on a disruption campaign against the ransomware group known as ALPHV, Noberus or BlackCat that resulted in the seizure of several of the group's websites, visibility into their network and a decryption tool that could restore stolen data.

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. "ALPHV Blackcat affiliates have extensive networks and experience with ransomware and data extortion operations," the FBI says.

An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. "As a result, the FBI identified and collected 946 public/private key pairs for Tor sites that the Blackcat Ransomware Group used to host victim communication sites, leak sites, and affiliate panels like the ones described above."