RansomHub claims to net data hat-trick against Bologna FC

November 30, 2024 at 04:35AM Bologna FC reportedly fell victim to the RansomHub cybercrime gang, which claims to have stolen sensitive data, including the employment contract of manager Vincenzo Italiano and personal information of players. The club confirmed a ransomware attack affected its security systems, issuing a warning against the dissemination of stolen data. ### … Read more

Bologna FC confirms data breach after RansomHub ransomware attack

November 29, 2024 at 12:25PM Bologna Football Club 1909 confirmed a ransomware attack by the RansomHub group, which leaked stolen data online. The club warns against sharing the data, citing serious legal consequences. The leaked information includes personal player data, financial records, and sponsorship details, highlighting a growing threat to sports organizations. **Meeting Takeaways: Bologna … Read more

Halliburton reports $35 million loss after ransomware attack

November 11, 2024 at 10:36AM Halliburton suffered $35 million in losses due to an August ransomware attack by the RansomHub gang, which disrupted IT systems and client services. Despite limited operational impact, data was stolen. The company reported minimal financial effects, with expectations for cash flow remaining intact but potential future legal costs looming. ### … Read more

Patelco Credit Union Data Breach Impacts Over 1 Million People

September 30, 2024 at 12:06PM Patelco Credit Union reported a ransomware attack in June, leading to a data breach of over 1 million individuals. The attackers obtained personal information, including names, birth dates, Social Security numbers, and more. Patelco is offering affected individuals two years of free credit monitoring and identity protection services, and is … Read more

RansomHub genius tries to put the squeeze on Delaware Libraries

September 25, 2024 at 01:36PM A ransomware attack by RansomHub’s affiliate has targeted Delaware Libraries, causing IT issues, shut computer labs, disrupted phone services, and leaked a small number of financial documents. The attack affected over 35 library sites and resulted in an extended system outage. The organization is working on recovery efforts and has … Read more

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

September 20, 2024 at 11:25AM The article discusses the Ransomhub ransomware’s utilization of EDRKillShifter to disable EDR and antivirus protections. Ransomhub also exploits the Zerologon vulnerability to take control of networks without authentication. The group has attacked various industries, employed spear-phishing, and used the affiliate model. Trend Micro’s Vision One telemetry data aided in uncovering … Read more

Rhysida ransomware gang ships off Port of Seattle data for $6M

September 17, 2024 at 12:55PM Ransomware group Rhysida claims to have stolen over 3 TB of data from Port of Seattle, including personal information, and is auctioning it for 100 Bitcoin. The Port confirmed the ransomware attack and its refusal to pay the ransom. While services are being restored, the timeline for full recovery remains … Read more

Amateurish ‘CosmicBeetle’ Ransomware Stings SMBs in Turkey

September 12, 2024 at 02:04AM The cybercriminal group “CosmicBeetle” targets small businesses in Turkey, Spain, India, and South Africa with ransomware, often experiencing glitches due to its low sophistication. The group exploits older vulnerabilities, particularly in software used by small businesses, and has links to the LockBit group. Small and midsize businesses are its main … Read more

Major sales and ops overhaul leads to much more activity … for Meow ransomware gang

September 11, 2024 at 02:47PM The Meow ransomware group has gained momentum, claiming the second most active gang spot in global ransomware attacks. The group has shifted its focus from encrypting files to selling stolen data, adopting a new tactic in the cybercrime landscape. Meanwhile, RansomHub continues to dominate the rankings with 15 percent of … Read more

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

September 10, 2024 at 02:31PM The RansomHub ransomware gang has utilized TDSSKiller, a legitimate tool from Kaspersky, to neutralize endpoint detection and response (EDR) services on target systems. Based on the meeting notes, it appears that the RansomHub ransomware gang has been utilizing TDSSKiller, a legitimate tool from Kaspersky, to bypass endpoint detection and response … Read more