Underground ransomware claims attack on Casio, leaks stolen data

October 10, 2024 at 12:05PM The Underground ransomware gang attacked Casio on October 5, disrupting services and potentially compromising personal and confidential data. The group leaked sensitive information on the dark web, including employee data and financial documents. Casio is investigating the breach but has not confirmed the claims. The group targets Windows systems since … Read more

Dutch Police: ‘State actor’ likely behind recent data breach

October 3, 2024 at 02:59PM Dutch national police (Politie) suspects a state actor of the recent data breach, compromising officers’ contact details and private information. They are implementing stronger security measures, including two-factor authentication, and closely monitoring systems for unauthorized access. The investigation is ongoing, and further details will be made public as they become … Read more

Euro cops arrest 4 including suspected LockBit dev chilling on holiday

October 1, 2024 at 01:38PM Authorities have arrested four individuals linked to the dismantled LockBit ransomware empire. French law prohibits naming the arrested, but a post on LockBit’s leak blog confirms severe charges in France. The UK also apprehended two individuals linked to LockBit. The Spanish Guardia Civil arrested a key suspect at Madrid airport. … Read more

Could Security Misconfigurations Become No. 1 in OWASP Top 10?

September 27, 2024 at 10:05AM The convergence of rising cyber threats, AI, remote work, and hybrid infrastructures presents significant cybersecurity challenges. Continuous threat exposure management and robust security solutions are imperative. Misconfigurations are a major vulnerability, with 80% of ransomware attacks attributed to common configuration errors. Automation and policy-as-code approach are recommended to mitigate human … Read more

A data leak and a data breach

September 24, 2024 at 05:34AM This article explains the significance of data leaks and breaches, differences between the two, global impact, and prevention measures. With 6.41 million data records leaked in Q1 2023, it highlights notable breaches like LinkedIn and Duolingo, emphasizing the financial and privacy implications. Recommended prevention steps include basic security measures and … Read more

Dell investigates data breach claims after hacker leaks employee info

September 20, 2024 at 12:33PM Dell is investigating claims of a data breach following a threat actor’s leak of data for over 10,000 employees. This has been confirmed by the company to BleepingComputer. Based on the meeting notes, it appears that Dell is investigating claims of a data breach, specifically related to leaked data for … Read more

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

September 9, 2024 at 12:39AM The U.S. government and international partners attribute cyberattacks to Russian hacking group Cadet Blizzard, linked to GRU 161st Specialist Training Center, targeting infrastructure and countries including Ukraine and NATO members. Cyber actors use destructive malware, and DOJ has indicted Russian officers associated with Unit 29155. Agencies emphasize system updates, network … Read more

Linux version of new Cicada ransomware targets VMware ESXi servers

September 3, 2024 at 11:00AM Cicada3301, a new ransomware-as-a-service, is impersonating the legitimate Cicada 3301 organization, conducting cyber attacks and recruiting affiliates. This operation uses double-extortion tactics and targets specific file extensions on Windows and Linux/VMware ESXi systems. Its strategic design is aimed at maximizing damage in enterprise environments and pressuring victims to pay ransoms. … Read more

Cicada3301 ransomware’s Linux encryptor targets VMware ESXi systems

September 1, 2024 at 12:39PM Cicada3301 is a new ransomware-as-a-service (RaaS) operation with 19 victims listed on its portal. It conducts double-extortion tactics, utilizing data theft as leverage. The malware overlaps with ALPHV/BlackCat, employing similar encryption methods. It may have ties to the Brutus botnet and targets VMware ESXi setups, causing significant damage to enterprise … Read more

U.S. charges Karakurt extortion gang’s “cold case” negotiator

August 22, 2024 at 09:09AM Deniss Zolotarjovs, a member of the Russian Karakurt ransomware group, has been charged in the U.S. for money laundering, wire fraud, and extortion crimes. As a key negotiator for the group, he was involved in multiple cases of extortion impacting American organizations. If convicted, he could face a maximum of … Read more