Decryptor for Rhysida ransomware is available!
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware Rhysida is a relatively new ransomware-as-a-se.....»»
Halcyon offers ransomware protection for Linux environments
As an integral part of the Halcyon Anti-Ransomware Platform, Halcyon Linux offers protection against ransomware attacks targeting Linux systems. While ransomware operators were once almost exclusively focused on targeting Windows environments, the in.....»»
Use Windows event logs for ransomware investigations, JPCERT/CC advises
The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware atta.....»»
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts
Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentia.....»»
Ransomware outfit claims it stole financial, employee, sales data from AutoCanada
The theft claim follows an IT breach from August. The publicly traded dealership group did not confirm being held for ransom......»»
NetApp enhances security directly within enterprise storage
NetApp announced enhancements to its portfolio of cyber resiliency offerings to strengthen security for customers. NetApp is announcing the general availability of its NetApp ONTAP Autonomous Ransomware Protection with AI (ARP/AI) solution, with 99%.....»»
How cyber compliance helps minimize the risk of ransomware infections
Over the past decade, ransomware has been cemented as one of the top cybersecurity threats. In 2023 alone, the FBI received 2,385 ransomware complaints, resulting in over $34 million in losses. To help businesses combat ransomware and other threats,.....»»
MFA bypass becomes a critical security issue as ransomware tactics advance
Ransomware is seen as the biggest cybersecurity threat across every industry, with 75% of organizations affected by ransomware more than once in the past 12 months – a jump from 61% in 2023, according to SpyCloud. Session hijacking surges as ma.....»»
Microsoft warns US healthcare of threat actor using new ransomware
Besides BlackCat and Zeppelin, Vanilla Tempest is now using INC, too......»»
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Ve.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
83% of organizations experienced at least one ransomware attack in the last year
Ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated they experienced 10 or more. Of those respondents who exp.....»»
The number of active ransomware groups is on the rise, research finds
The number of active groups has risen 56% since 2023......»»
Ransomware attacks escalate as critical sectors struggle to keep up
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical sectors like healthcare, education, and manufacturing. Th.....»»
Qilin ransomware targets Google Chrome credentials
Sophos X-Ops reveals a new strategy that harvests credentials from compromised networks, raising significant cybersecurity concerns for organizations......»»
How ransomware tactics are shifting, and what it means for your business
In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these cybercriminal operations are adapting to increased competition, shifting str.....»»
US Authorities Issue RansomHub Ransomware Alert
RansomHub spun out of the now defunct ALPHV......»»
New ransomware group is hitting VMware ESXi systems hard
Researchers spot a new ransomware actor called Cicada3301, but it's not linked to the game of the same name......»»
City of Columbus sues man after he discloses severity of ransomware attack
Mayor said data was unusable to criminals; researcher proved otherwise. Enlarge (credit: Getty Images) A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a.....»»
How RansomHub went from zero to 210 victims in six months
RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare ins.....»»
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to bre.....»»