June 26, 2024 at 11:50AM MITRE Engenuity combined the tactics of cyber attackers menuPass and ALPHV/BlackCat to evaluate the effectiveness of managed security services. The blog highlights the selection of these sophisticated threat actors and their targeting of managed service providers. Trend Micro achieved 100% detection in the assessment, emphasizing the significance of advanced cybersecurity … Read more
June 13, 2024 at 10:04AM In 2024, significant takedowns of cybercrime groups like LockBit and ALPHV/BlackCat signal a potential turning point. Cybercrime organizations function similarly to startups, adapting quickly to market demands and staying ahead of law enforcement. Legislative changes and collaboration between industry and law enforcement play a crucial role in combating cybercrime and … Read more
February 28, 2024 at 07:38PM The ALPHV/BlackCat cybercrime gang has claimed responsibility for a ransomware attack on Change Healthcare, impacting pharmacies and hospitals across the US. They allege to have stolen significant sensitive data, but their credibility is questionable. UnitedHealth Group is investigating the incident and coordinating with law enforcement and cybersecurity experts. The healthcare … Read more
February 26, 2024 at 10:21AM Lending firm LoanDepot suffered a ransomware attack, leading to the theft of personal data from over 16.9 million individuals. Unauthorized access to systems occurred between January 3rd and 5th, compromising sensitive information such as names, addresses, Social Security numbers, and financial account details. Free identity protection and credit monitoring services … Read more
December 5, 2023 at 07:36AM AlphV/BlackCat, a ransomware group, threatens to extort clients of Tipalti, an accounting software vendor it claims to have breached since September, obtaining 265GB of data. Instead of directly targeting Tipalti, which is likely not to pay due to insurance limitations, they plan to pressure high-profile clients like Roblox and Twitch. … Read more
November 9, 2023 at 07:36AM Japanese electronics manufacturer Japan Aviation Electronics Industry has been recovering from a cyberattack caused by the Alphv/BlackCat ransomware group. The incident occurred on November 2, with unauthorized access to some of the company’s servers. Though there have been delays in email communication, no data leakage has been confirmed. The ransomware … Read more
October 26, 2023 at 07:11PM Octo Tempest is a threat actor group tracked by Microsoft, specializing in data extortion and ransomware attacks. They have evolved their tactics over time, targeting organizations in various sectors and partnering with the ALPHV/BlackCat ransomware group. With advanced social engineering capabilities, they gain initial access through phishing, social engineering, and … Read more
October 26, 2023 at 06:56PM Octo Tempest, a native English-speaking threat actor tracked by Microsoft, has evolved from selling SIM swaps and stealing cryptocurrency accounts to conducting data extortion and ransomware attacks. The group targets companies in various sectors and has partnered with the ALPHV/BlackCat ransomware group. They employ advanced social engineering techniques, physical threats, … Read more