Ransomware Eruption: Novel Locker Malware Flows From ‘Volcano Demon’

July 3, 2024 at 12:52PM A new ransomware player, Volcano Demon, has emerged with innovative locker malware, LukaLocker, and sophisticated evasion tactics, hampering forensic analysis. It employs double extortion, exfiltrates data, and demands ransom via qTox messaging. The malware terminates various security and monitoring services, posing a significant threat. Vigilance and IoC monitoring are crucial. …

Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack

June 29, 2024 at 11:02AM Brain Cipher, a new ransomware operation, has targeted organizations globally. In a recent high-profile attack on Indonesia’s temporary National Data Center, over 200 government agencies were disrupted. The ransomware demanded $8 million in Monero cryptocurrency and threatened to leak allegedly stolen data. Brain Cipher also launched a data leak site …

Christie’s stolen data sold to highest bidder rather than leaked, RansomHub claims

June 4, 2024 at 10:37AM Cybercriminals behind the attack on Christie’s claimed to have auctioned off the stolen data after the company failed to meet a ransom demand. Christie’s spokesperson confirmed unauthorized access to client data, including personal identity information, leading to a cybersecurity incident. RansomHub sought a ransom payment and later allegedly sold the …

REvil ransomware scum sentenced to almost 14 years inside, ordered to pay $16 million

May 2, 2024 at 02:41AM Ukrainian man Yaroslav Vasinskyi, also known as Rabotnik, has been sentenced to nearly 14 years in prison and ordered to pay over $16 million in restitution for his involvement in spreading REvil ransomware, resulting in more than 2,500 ransomware attacks and over $700 million in extortion payments. Vasinskyi was extradited …

185K people’s sensitive data in the pits after ransomware raid on Cherry Health

April 18, 2024 at 10:14AM A ransomware attack on Michigan-based Cherry Health led to the theft of sensitive data from nearly 185,000 individuals, including health and financial information. The healthcare organization immediately investigated the incident and notified affected individuals, offering 12-24 months of credit monitoring. The attack, similar to recent high-profile incidents, highlights the ongoing …

Daixin ransomware gang claims attack on Omni Hotels

April 15, 2024 at 11:06AM The Daixin Team ransomware gang claimed a cyberattack on Omni Hotels & Resorts, threatening to release customers’ data unless a ransom is paid. The hotel chain suffered a massive IT outage and is now under investigation. Daixin Team has a history of targeting U.S. healthcare and public health sectors using double extortion tactics. …

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

March 5, 2024 at 08:15AM Cybercriminals are conducting widespread attacks across the Middle East, Africa, and Asia using the new GhostLocker 2.0 ransomware. Affected organizations include technology companies, universities, manufacturing, transportation, and government organizations. The attackers demand payment for decryption keys and threaten to release stolen data if their demands are not met. Cisco Talos …

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

February 19, 2024 at 02:36PM The Cactus ransomware gang breached Schneider Electric’s network, claiming to have stolen 1.5TB of data and leaked 25MB as proof on the dark web. They are now extorting the company and threatening to release all the data unless a ransom is paid. Schneider Electric’s Sustainability Business division, which provides renewable …

FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

December 19, 2023 at 11:45AM The U.S. Justice Department disrupted the BlackCat ransomware, issuing a decryption tool for victims. With the FBI’s help, a confidential source breached the gang’s web panel. BlackCat, a major ransomware variant, operated a ransomware-as-a-service model and used double extortion. The action saved victims $68 million, dismantled the gang’s computer network, and …

Governments Issue Warning After Play Ransomware Hits Hundreds of Organizations 

December 19, 2023 at 06:03AM CISA, FBI, and ACSC have issued an advisory on Play ransomware, detailing its tactics, targets, and impact. The ransomware gang uses double-extortion tactics, exploits various vulnerabilities for access, and encrypts victim data. The advisory includes indicators of compromise and mitigation steps, and recommends testing security controls against the threat behaviors outlined …