July 19, 2024 at 03:24AM The Play ransomware group has developed a new Linux variant targeting ESXi environments, with potential collaboration with Prolific Puma. The ransomware utilizes evasion techniques and custom-built tools. To mitigate the risk of attacks on ESXi environments, it’s recommended to implement strong access controls, network segmentation, regular backups, and security monitoring. … Read more
June 4, 2024 at 08:39AM Ransomware group RansomHub claimed responsibility for the April 2024 cyberattack on Frontier Communications. The attack resulted in certain systems being shut down, leading to possible data theft of personal information of over two million customers. RansomHub threatens to sell the stolen data unless the company takes action within ten days. … Read more
May 30, 2024 at 08:30AM Financial Business and Consumer Solutions (FBCS) reported a data breach affecting 3.2 million people, with hackers potentially accessing and stealing personal information including names, dates of birth, and Social Security numbers. Though no misuse has been detected, affected individuals will receive free credit monitoring services. FBCS may have been targeted … Read more
May 6, 2024 at 07:52PM LockBit’s website, shut down in February by law enforcement, has been relaunched, teasing the release of unmasking documents. The site was initially seized in Operation Cronos, and has now resurfaced with countdowns to unveil disclosures. Law enforcement’s previous articles on the site were uneventful, but upcoming reveals may provide substantial … Read more
April 23, 2024 at 10:13AM UnitedHealth Group confirmed a ransomware attack in February, exposing PII and PHI of many Americans. Despite paying a $22 million ransom, the attacker released data. UnitedHealth reported partial functionality restoration and incurred $872 million in costs. $6 billion was allocated for impacted healthcare providers. Investigation and notifications to affected individuals … Read more
March 5, 2024 at 01:10PM The RA World ransomware group, formed in April, has significantly expanded its attack scope. Targeting global organizations, the group recently launched sophisticated cyberattacks, notably in Latin America’s healthcare sector. With a focus on the US and adoption of double-extortion tactics, it poses a major threat, emphasizing the need for robust … Read more
February 20, 2024 at 12:39AM An international law enforcement operation, codenamed Operation Cronos, led to the seizure of darknet domains operated by LockBit ransomware group, involving 11 countries. Exploiting a security flaw, authorities gained control of sites, revealing extensive data on victims and operations. This blow follows the dismantling of BlackCat ransomware, impacting LockBit’s operations. … Read more
December 22, 2023 at 06:45AM The Donald W. Wyatt Detention Facility in Rhode Island experienced a data breach affecting around 2,000 inmates, staff, and vendors. The breach, which occurred in November, involved malware and data theft, compromising personal details like financial info, medical records, and Social Security numbers. The facility is providing affected individuals with … Read more
December 20, 2023 at 10:21AM The BlackCat ransomware group, Alphv, faced law enforcement action, leading to website seizures and a decryption tool release. After losing control of their Tor-based site, they established a new leak website and vowed retaliation. The Justice Department seized BlackCat’s communication sites, impacting their affiliates. Security experts anticipate the group may … Read more
November 28, 2023 at 08:53AM A major cybercrime group that had been under investigation for over four years has been dismantled, according to Europol. The joint investigation team, led by French authorities, made five arrests, including the group’s leader and four accomplices. The group, responsible for attacking organizations in 71 countries, used various ransomware strains … Read more