Decryptor for Rhysida ransomware is available!
Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware Rhysida is a relatively new ransomware-as-a-se.....»»
“Everything’s frozen”: Ransomware locks credit union users out of bank accounts
Patelco Credit Union in Calif. shut down numerous banking services after attack. Enlarge / ATM at a Patelco Credit Union branch in Dublin, California, on July 23, 2018. (credit: Getty Images | Smith Collection/Gado ) A.....»»
Moonstone Sleet: A new North Korean threat actor
Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, an.....»»
RansomLord: Open-source anti-ransomware exploit tool
RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mista.....»»
A new ransomware is hijacking Windows BitLocker to encrypt and steal files
New ransomware strain is creating new boot volumes and using labels to communicate with victims......»»
Ransomware operators shift tactics as law enforcement disruptions increase
Ransomware remains one of the most pressing cybersecurity threats in 2024, with attackers continually evolving their methods to maximize impact and evade detection. In this Help Net Security round-up, we present excerpts from previously recorded vide.....»»
Newly discovered ransomware uses BitLocker to encrypt victim data
ShrinkLocker is the latest ransomware to use Windows' full-disk encryption. A previously unknown piece of ransomware, dubbed ShrinkLocker, encrypts victim data using the BitLocker feature built into the Windows operating system. BitL.....»»
2024 sees continued increase in ransomware activity
In this Help Net Security video, Ryan Bell, Threat Intelligence Manager at Corvus Insurance, discusses how ransomware will continue to grow in 2024. In January, Corvus reported that global ransomware attacks in 2023 set a record high, surpassing 2022.....»»
Ransomware fallout: 94% experience downtime, 40% face work stoppage
Within the last 12 months, 48% of organizations identified evidence of a successful breach within their environment, according to Arctic Wolf. To fully understand the gravity of this statistic, it is important to understand that, although 48% of thes.....»»
HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency f.....»»
US government spending $50m on auto-patcher for hospital IT
There is a lot at stake for the UPGRADE program as hackers continue to batter healthcare organizations with malware and ransomware......»»
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Basta target orgs with new social engineering campaign Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out.....»»
Cybercriminals shift tactics to pressure more victims into paying ransoms
Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay. This was primarily driven by an explosion in “indirect” ransomware incidents which increased.....»»
Ransomware statistics that reveal alarming rate of cyber extortion
In this article, you will find excerpts from various reports that offer statistics and insights about the current ransomware landscape. Global ransomware crisis worsens NTT Security Holdings | 2024 Global Threat Intelligence Report | May 20.....»»
Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope. Enlarge (credit: Getty Images) Federal agencies, health care associations, and security researchers are warning that a ransomware group tr.....»»
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access tools. Black Basta TTPs and newest initial access attempts According to a cybers.....»»
Ransomware attacks impact 20% of sensitive data in healthcare orgs
Recent cyber incidents demonstrate the healthcare industry continues to be a prime target for ransomware hackers, according to Rubrik. New research by Rubrik Zero Labs reveals that ransomware attacks produce larger impacts against these healthcare ta.....»»
Global ransomware crisis worsens
Ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings’ 2024 Global Threat Intelligence Report. Global ransomware crisis After a down year in 2022, ransomware and extortion incidents increased in 2023. More.....»»
97% of organizations hit by ransomware turn to law enforcement
Sophos has released additional findings from its annual “State of Ransomware 2024” survey. According to the report, among organizations surveyed, 97% of those hit by ransomware over the past year engaged with law enforcement and/or official gover.....»»
Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been ID’d
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev. Enlarge / Dmitry Yuryevich Khoroshev, aka LockBitSupp (credit: UK National Crime Agency) Since at least 2019, a shadowy figure hiding behin.....»»
LockBit leader unmasked: US charges Russian national
Russian national Dmitry Khoroshev is “LockBitSupp”, the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. The US Justice Deparment has unsealed charge.....»»