Decryptor for Rhysida ransomware is available!
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware Rhysida is a relatively new ransomware-as-a-se.....»»
International investigation shuts down Radar/Dispossessor ransomware group
FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.....»»
74% of ransomware victims were attacked multiple times in a year
An alarming trend toward multiple, sometimes simultaneous cyber attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices,.....»»
Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals
The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools su.....»»
Ransomware operators continue to innovate
Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. They market their services to prospective buyers, offer company insiders commissions in exchan.....»»
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate.....»»
Ransomware gang targets IT workers with new RAT masquerading as IP scanner
Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legit.....»»
Email attacks skyrocket 293%
Email attacks have surged by 293% in the first half of 2024 compared to the same period in 2023, according to Acronis. The number of ransomware detections was also on the rise, increasing 32% from Q4 2023 to Q1 2024. Ransomware remains a top threat f.....»»
Record-breaking $75 million ransom paid to cybercrime group
Ransomware attacks have reached new heights of ambition and audacity over the past year, marked by a notable surge in extortion attacks, according to a Zscaler. The findings from the report uncovered a record-breaking ransom payment of $75 million to.....»»
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner.....»»
Ransomware and email attacks are hitting businesses more than ever before
Misconfigured systems and poor MFA implementations are to blame, Cisco Talos report says......»»
Nearly 90 percent of outside software rebooted after CDK cyberattacks, CEO Brian MacDonald says
CDK Global, working with outside experts, is continuing to investigate whether the June 19 ransomware event led to the theft of any personal information......»»
Rite Aid confirms data breach following ransomware attack
Pharmacy giant confirms sensitive data was stolen, but health and payment information was not......»»
CDK CEO pledges to compensate dealers after ransomware event
CDK CEO Brian MacDonald promised to dealers in a letter that they would receive "some financial relief" for interruptions stemming from the June 19 cyberattacks......»»
This new ransomware scam will hassle you with phone calls until you pay up
Since there is no dedicated data leak site, the operators call the victims on the phone and threaten them......»»
“Everything’s frozen”: Ransomware locks credit union users out of bank accounts
Patelco Credit Union in Calif. shut down numerous banking services after attack. Enlarge / ATM at a Patelco Credit Union branch in Dublin, California, on July 23, 2018. (credit: Getty Images | Smith Collection/Gado ) A.....»»
Moonstone Sleet: A new North Korean threat actor
Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, an.....»»
RansomLord: Open-source anti-ransomware exploit tool
RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mista.....»»
A new ransomware is hijacking Windows BitLocker to encrypt and steal files
New ransomware strain is creating new boot volumes and using labels to communicate with victims......»»
Ransomware operators shift tactics as law enforcement disruptions increase
Ransomware remains one of the most pressing cybersecurity threats in 2024, with attackers continually evolving their methods to maximize impact and evade detection. In this Help Net Security round-up, we present excerpts from previously recorded vide.....»»
Newly discovered ransomware uses BitLocker to encrypt victim data
ShrinkLocker is the latest ransomware to use Windows' full-disk encryption. A previously unknown piece of ransomware, dubbed ShrinkLocker, encrypts victim data using the BitLocker feature built into the Windows operating system. BitL.....»»