Black Basta is latest ransomware group to be hit by leak of chat logs
Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently.
'Crude' ransomware tools proliferating on the dark web for cheap, researchers find
Cheap ransomware is being sold for one-time use on dark web forums, allowing inexperienced freelancers to get into cybercrime without any interaction with affiliates. Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024.
Ransomware attack has cost UnitedHealth $872 million; total expected to surpass $1 billion
he ransomware attack on a company owned by healthcare giant UnitedHealth Group (UHG) has so far caused $872 million in losses, according to the corporation’s latest earnings report. UnitedHealth owns Change Healthcare, a key cog in the U.S. healthcare industry that was crippled by a ransomware attack in February. Change Healthcare and UHG subsidiary Optum took hundreds of systems offline as a result of the incident and faced criticism from the White House and Congress over its handling of the ransomware attack.
Researchers discover new ransomware gang ‘Muliaka’ attacking Russian businesses
A previously unknown ransomware gang has been attacking Russian businesses with malware based on the leaked source code from the Conti hacking group. The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since at least December 2023.
Ransomware gang takes credit for Christmas attack on global Lutheran organization
The World Council of Churches reported an incident in December, and the Lutheran World Federation said it experienced a related incident. The Rhysida gang claimed it carried out the attack on the federation.
After ransomware claims, Xerox says subsidiary hit with cyberattack
The printing and business services giant said its XBS division "experienced a security incident." A cybercrime gang called INC said it was responsible.
FBI: Play ransomware gang has attacked 300 orgs since 2022
Since it appeared in July 2022, Play ransomware has launched devastating attacks on municipalities and critical infrastructure, agencies said.
Atlassian confirms ransomware is exploiting latest Confluence bug
An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.
Massive ransomware attack hinders services in 70 German municipalities
Hackers encrypted the servers of the municipal service provider Südwestfalen IT, leading the company to restrict access to its infrastructure for over 70 municipalities in western Germany.
![Ransomware tracker: The latest figures [August 2023]](https://rdl.ink/render/https%3A%2F%2Fcms.therecord.media%2Fuploads%2F2023_1109_Ransomware_Tracker_Victim_Data_Released_on_Ransomware_Extortion_Sites_83bf44398c.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2){kind=tracking}
Ransomware tracker: The latest figures [August 2023]
The number of ransomware attacks posted on extortion websites shot up to a record high in July, with ransomware gangs publicly claiming more than 15 attacks per day on average. In total there were 484 ransomware attacks in July, compared to 408 the previous month, according to data collected by Recorded Future from extortion sites, government agencies, news reports, hacking forums, and other sources.
German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack
Rheinmetall confirmed on Monday that the Black Basta ransomware group was behind a cyberattack it detected last month.
Britain and US make major move against ransomware gangs by sanctioning seven individuals - The Record from Recorded Future News
The United Kingdom and United States on Thursday sanctioned seven people connected to what officials have told The Record is a single network behind the Conti and Ryuk ransomware gangs as well as the Trickbot banking trojan. The sanctions are described as the first major move of a “new campaign of concerted action” between Britain and the United States, and insiders say that further actions should be expected later this year.
Britain and US make major move against ransomware gangs by sanctioning seven individuals - The Record from Recorded Future News
The United Kingdom and United States on Thursday sanctioned seven people connected to what officials have told The Record is a single network behind the Conti and Ryuk ransomware gangs as well as the Trickbot banking trojan. The sanctions are described as the first major move of a “new campaign of concerted action” between Britain and the United States, and insiders say that further actions should be expected later this year.
More than 200 U.S. institutions hit with ransomware in 2022: report
More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft. The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.
More than 200 U.S. institutions hit with ransomware in 2022: report
More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft. The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.
Michigan school districts reopen after three-day closure due to ransomware attack
Public schools in two Michigan counties are reopening on Thursday after a ransomware attack crippled their ability to function and closed doors to students for three days. All of the public schools in Jackson and Hillsdale counties announced their reopening on Thursday in letters to parents, assuring them that cybersecurity experts, tech officials and law enforcement worked around the clock to restore the systems following outages that began on Monday.
Michigan school districts reopen after three-day closure due to ransomware attack
Public schools in two Michigan counties are reopening on Thursday after a ransomware attack crippled their ability to function and closed doors to students for three days. All of the public schools in Jackson and Hillsdale counties announced their reopening on Thursday in letters to parents, assuring them that cybersecurity experts, tech officials and law enforcement worked around the clock to restore the systems following outages that began on Monday.
Microsoft ties Vice Society hackers to additional ransomware strains
Microsoft tied hackers with the Vice Society ransomware gang to several ransomware strains on Tuesday, noting that the group has been behind a wave of attacks on primary schools and colleges across the world.
Microsoft ties Vice Society hackers to additional ransomware strains
Microsoft tied hackers with the Vice Society ransomware gang to several ransomware strains on Tuesday, noting that the group has been behind a wave of attacks on primary schools and colleges across the world.
QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
QNAP warns of zero-day vulnerability in latest DeadBolt ransomware campaign
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.
An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware
Editor’s Note: Last April, a ransomware group threatened to expose police informants and other sensitive information if the Washington, D.C. Metropolitan Police Department did not pay a demand. The brazen attack was the work of a gang known as Babuk, which in early 2021 gained a reputation for posting stolen databases on its website from victims that refused to pay a ransom. Just days after it tried to extort the Metropolitan Police Department, Babuk announced it was closing its ransomware affiliate program, and would focus on data theft and extortion instead.
An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware
Editor’s Note: Last April, a ransomware group threatened to expose police informants and other sensitive information if the Washington, D.C. Metropolitan Police Department did not pay a demand. The brazen attack was the work of a gang known as Babuk, which in early 2021 gained a reputation for posting stolen databases on its website from victims that refused to pay a ransom. Just days after it tried to extort the Metropolitan Police Department, Babuk announced it was closing its ransomware affiliate program, and would focus on data theft and extortion instead.
An interview with initial access broker Wazawaka: 'There is no such money anywhere as there is in ransomware
Editor’s Note: Last April, a ransomware group threatened to expose police informants and other sensitive information if the Washington, D.C. Metropolitan Police Department did not pay a demand. The brazen attack was the work of a gang known as Babuk, which in early 2021 gained a reputation for posting stolen databases on its website from victims that refused to pay a ransom. Just days after it tried to extort the Metropolitan Police Department, Babuk announced it was closing its ransomware affiliate program, and would focus on data theft and extortion instead.