Security News

Bracing for AI-enabled ransomware and cyber extortion attacks
2023-10-24 04:30

As businesses scramble to take the lead in operationalizing AI-enabled interfaces, ransomware actors will use AI to scale their operations, widen their profit margins, and increase their likelihood of pulling off successful attacks. Researchers have charted a 37% rise in ransomware incidents in 2023 in the Zscaler cloud, a triple-digit increase in double-extortion tactics across numerous industries, and an overall surge in sector-specific attacks targeting industries like manufacturing.

US energy firm shares how Akira ransomware hacked its systems
2023-10-23 16:35

In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached its networks and stole data during the attack. In a data breach notification sent by BHI Energy to impacted people, the company provides detailed information on how the Akira ransomware gang breached its network on May 30, 2023.

The Week in Ransomware - October 20th 2023 - Fighting Back
2023-10-21 15:05

This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the RagnarLocker ransomware operation. October 15th 2023: Colonial Pipeline attributes ransomware claims to 'unrelated' third-party data breach. October 16th 2023: New STOP ransomware variants.

Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
2023-10-21 13:10

Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a "key target" in France. "In an action carried out between 16 and...

Ragnar Locker ransomware developer arrested in France
2023-10-20 15:58

Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the Netherlands, Spain, Sweden, Japan, Canada, and the United States were part of this international operation targeting the Ragnar Locker ransomware gang.

Police arrests Ragnar Locker ransomware developer in France
2023-10-20 15:58

Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the Netherlands, Spain, Sweden, Japan, Canada, and the United States were part of this international operation targeting the Ragnar Locker ransomware gang.

BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
2023-10-19 21:40

The introduction of Munchkin to BlackCat's already extensive and advanced arsenal makes the RaaS more attractive to cybercriminals seeking to become ransomware affiliates. After compromising a device, the threat actors install VirtualBox and create a new virtual machine using the Munchkin ISO. This Munchkin virtual machine includes a suite of scripts and utilities that allow the threat actors to dump passwords, spread laterally on the network, build a BlackCat 'Sphynx' encryptor payload, and execute programs on network computers.

Europol knocks RagnarLocker offline in second major ransomware bust this year
2023-10-19 16:30

Law enforcement agencies have taken over RagnarLocker ransomware group's leak site in an internationally coordinated takedown. The takedown follows a concerted effort from law enforcement in recent years to shutter ransomware groups as their success continues to exceed previous records.

Ragnar Locker ransomware’s dark web extortion sites seized by police
2023-10-19 14:39

The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation. A Europol spokesperson has confirmed the seizure message is legitimate as part of an ongoing action targeting the Ragnar Locker ransomware gang and that a press release will be published tomorrow.

Ukrainian activists hack Trigona ransomware gang, wipe servers
2023-10-18 23:17

A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available. Ukrainian Cyber Alliance hackers gained access to Trigona ransomware's infrastructure by using a public exploit for CVE-2023-22515, a critical vulnerability in Confluence Data Center and Server that can be leveraged remotely to escalate privileges.