Cold storage giant Americold discloses data breach after April malware attack

December 11, 2023 at 12:55PM Cold storage and logistics company Americold suffered a cyberattack in April, resulting in the theft of personal data of 129,000 employees and dependents. The attack, attributed to Cactus ransomware, forced a network shutdown. The breach involved theft of personal information and the group plans to release additional confidential documents. Americold …

Toyota warns customers of data breach exposing personal, financial info

December 11, 2023 at 12:55PM Toyota Financial Services suffered a data breach exposing sensitive personal and financial data. The breach, attributed to Medusa ransomware, impacted systems in Europe and Africa. Stolen data, including customer names, addresses, and financial details, have been shared on the dark web. Toyota is conducting an investigation and promises to notify …

23andMe responds to breach with new suit-limiting user terms

December 11, 2023 at 06:53AM 23andMe’s data breach revealed that 5.5 million sets of “DNA relatives” profiles were stolen, along with 1.4 million sets of Family Tree data. Additionally, hundreds of laptops stolen from a Bay Area tech company were recovered, and Henry Schein employees’ personal data was stolen in a ransomware attack. These incidents …

Norton Healthcare discloses data breach after May ransomware attack

December 8, 2023 at 06:30PM Norton Healthcare, a major Kentucky health system, was hit by a ransomware attack in May, exposing patient, employee, and dependent personal information. The incident involved unauthorized access to network storage devices, but not the medical record system. The attack was claimed by the BlackCat/ALPHV gang, highlighting the ongoing threat to …

Tipalti investigates claims of data stolen in ransomware attack

December 5, 2023 at 12:07PM Tipalti is probing allegations that the ALPHV ransomware group hacked its network and took 256GB of data, affecting clients like Roblox and Twitch. Tipalti is working with Roblox on the issue, and there is no known impact yet. The incident was first claimed by ALPHV in a deleted post. Meeting …

BlackCat ransomware crims threaten to directly extort victim’s customers

December 5, 2023 at 07:36AM AlphV/BlackCat, a ransomware group, threatens to extort clients of Tipalti, an accounting software vendor it claims to have breached since September, obtaining 265GB of data. Instead of directly targeting Tipalti, which is likely not to pay due to insurance limitations, they plan to pressure high-profile clients like Roblox and Twitch. …

Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware

December 2, 2023 at 03:06AM A Russian developer, Vladimir Dunaev, was convicted of creating TrickBot malware, which caused over $3.4 million in damages. Arrested in 2021 and facing up to 35 years in prison, he’s the second TrickBot member apprehended after cybercrime sanctions by the UK and US. TrickBot evolved since 2016, leading to significant …

Black Basta ransomware operation nets over $100M from victims in less than two years

November 30, 2023 at 08:24AM Since April 2022, the Black Basta ransomware group has amassed over $107 million, with at least 90 out of 300+ victims paying ransoms. Likely evolved from Conti, the group uses Qakbot for malware deployment and shares typical ransomware-as-a-service payment structures. Its breach of Capita sparked widespread legal action. Meeting Takeaways: …

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

November 30, 2023 at 06:30AM A CACTUS ransomware campaign is exploiting vulnerabilities in Qlik Sense, noted by Arctic Wolf researchers. These exploits allow attackers to gain initial access and establish persistence through various means, including disabling security software. The broader ransomware landscape continues to adapt and prove lucrative despite crackdowns, with groups like Black Basta …

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

November 29, 2023 at 01:06AM A new ransomware called Xaro, derived from the DJVU/STOP strain, has been spreading through disguised cracked software. It encrypts files and steals information, demanding $980 in ransom. The malware also installs additional payloads like stealer and loader programs, aiming for double extortion and increased attack success rates. Cybersecurity experts warn …