May 6, 2024 at 10:36AM Law enforcement agencies revived a LockBit ransomware data leak site to tease new revelations on the takedown of LockBit’s infrastructure. The site was initially taken down during Operation Cronos, and later revived to announce upcoming blog posts at 14:00:00 UTC on Tuesday. The potential reveal of LockBit’s operator remains highly … Read more
April 9, 2024 at 10:09AM The US government is offering bounties for information on ransomware gangs, but challenges remain in collecting information due to rigorous conditions and low payouts. Concerns are raised about the effectiveness of a criminal law enforcement approach in addressing ransomware attacks, compounded by the potential involvement of adversarial nations like Russia. … Read more
April 4, 2024 at 06:56AM Leicester City Council confirms a ransomware attack where data was stolen and leaked, impacting residents with exposed personal information. The council is working with authorities to investigate, while residents are advised to remain vigilant. They have restored many services and shared their efforts to address the situation. Similar attacks have … Read more
April 3, 2024 at 07:27AM Summary: Operation Cronos on Feb. 19, 2024 significantly disrupted LockBit’s ransomware operations, leading to a takeover of its leak site by UK’s NCA. Authorities leveraged the site to cast doubt on LockBit’s promises and distribute information about the group. Fallout from the disruption hinted at the significant impact on the … Read more
March 27, 2024 at 10:10AM Ransomware evolution in the past months includes LockBit’s blog takedown, BlackCat’s exit, and smaller groups emergence. The ecosystem functions as a complex supply chain with RaaS dominating large groups. Affiliate competition and recent takedowns are shifting the landscape, potentially leading to ecosystem fragmentation. Corporate security recommendations include extensive monitoring, patching … Read more
March 20, 2024 at 07:30AM Multiple threat actors are exploiting security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan. The attacks entail the exploitation of CVE-2024-27198, enabling adversaries to gain administrative control over affected servers. Organizations using TeamCity are urged to update their software … Read more
March 14, 2024 at 10:51AM A 34-year-old Russian-Canadian, Mikhail Vasiliev, received a nearly four-year jail sentence in Canada for his involvement in the LockBit ransomware operation. He pleaded guilty to cyber extortion, mischief, and weapons charges. Vasiliev, described as a “cyber-terrorist,” sought ransom payments from Canadian companies and has been ordered to pay back over … Read more
March 13, 2024 at 12:51PM Russian-Canadian national Mikhail Vasiliev, 34, sentenced to nearly four years in prison in Canada for his role in LockBit ransomware operation. He targeted at least three organizations in Canada, seeking ransom payments. The US is also pursuing charges against him. LockBit, operating under ransomware-as-a-service model, was a prolific operation until … Read more
March 13, 2024 at 07:46AM Russian-Canadian cybercriminal Mikhail Vasiliev sentenced to 4 years in prison by Ontario court for involvement in LockBit ransomware gang, with restitution of $860,000 to Canadian victims and potential extradition to the U.S. LockBit, a ransomware-as-a-service operation, has faced disruption by law enforcement, but despite relaunching, analysis suggests its activities are … Read more
March 4, 2024 at 09:38AM Law enforcement’s crackdown on the LockBit ransomware crew has reignited calls for a ban on ransom payments. Ciaran Martin, CEO of the NCSC, emphasized the need for such a ban due to the devastating impact of ransomware. However, concerns about businesses’ ability to recover without payments and the need for … Read more