Alleged Karakurt ransomware scumbag charged in US

August 25, 2024 at 10:03PM Deniss Zolotarjovs, a suspected member of the Russian Karakurt ransomware gang, has been charged in a US court with money laundering and extortion. A Chrome vulnerability (CVE-2024-7971) was exploited before being fixed. Additionally, Microsoft issued a workaround for dual-boot PCs facing issues with Linux after installing a Windows security update. …

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

August 23, 2024 at 06:36AM Summary: A recent Qilin ransomware attack involved stealing credentials from Google Chrome browsers, using compromised VPN portal credentials, then editing the default domain policy to harvest credentials and erase evidence after exfiltrating them. Ransomware groups continue to evolve tactics, with Russian-speaking groups earning over $500 million from ransomware proceeds and …

Qilin ransomware now steals credentials from Chrome browsers

August 22, 2024 at 05:43PM The Qilin ransomware group deployed a custom stealer to harvest Google Chrome credentials, constituting a concerning shift in ransomware tactics. The attack involved gaining network access, 18 days of reconnaissance, credential theft via a PowerShell script, event log deletion, and ransomware deployment. Organizations are advised to prohibit browser secret storage, implement multi-factor …

London hospitals cancel over 800 operations after ransomware attack

June 14, 2024 at 02:11PM Multiple London hospitals impacted by the Synnovis ransomware attack were forced to cancel hundreds of operations and appointments. Synnovis, formerly known as Viapath, was established in 2009 and rebranded in October 2022. NHS services were disrupted as Synnovis systems were locked out in the June 3 attack. Ongoing effects are expected for months, with potential …

Street newspaper appears to have Big Issue with Qilin ransomware gang

March 27, 2024 at 07:05AM The Big Issue’s parent company is dealing with a serious cybersecurity incident claimed by the Qilin ransomware gang. The gang claims to have stolen 550 GB of company data, including sensitive personal information of company executives and employees, as well as subscriber data. The Information Commissioner’s Office has been notified, …

Victoria court recordings exposed in reported ransomware attack

January 2, 2024 at 10:54AM Australia’s Court Services Victoria (CSV) detected a ransomware cyberattack on December 21, 2023, which led to unauthorized access of court hearing recordings dating back to November 1, 2023. The affected courts include the Supreme Court, County Court, Magistrates’ Court, Children’s Court, and Coroners Court. CSV is taking measures to address …

The Week in Ransomware – December 15th 2023 – Ransomware Drama

December 15, 2023 at 04:21PM Summary: Over the past two weeks, there have been notable developments in the ransomware landscape. The BlackCat/ALPHV drama continues, with affiliates reaching out to victims directly. The LockBit operation is exploiting this situation for recruitment. Various ransomware attacks and law enforcement actions have also been reported. Lastly, new ransomware variants …

Qilin ransomware claims attack on automotive giant Yanfeng

November 28, 2023 at 02:44PM The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors, a major automotive parts supplier. The attack disrupted production at Stellantis, and Qilin has threatened to release sensitive data. Qilin is known for targeting companies in all sectors and recently rebranded its ransomware. Group-IB has …