Vanuatu: Hackers strand Pacific island government for over a week
Vanuatu - an island courted by the US and China - has been stranded offline for over a week.
NHS IT supplier held to ransom by hackers
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Microsoft links Raspberry Robin malware to Evil Corp attacks
Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
LockBit 3.0 introduces the first ransomware bug bounty program
The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options.
Conti ransomware finally shuts down data leak, negotiation sites
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.
Analysis and Attribution of the Eternity Ransomware: Timeline and Emergence of the Eternity Group
XVigil discovered a financially motivated threat actor group, dubbed Eternity group, actively operating on the internet, selling worms, stealers, DDoS tools, and ransomware builders.
President Rodrigo Chaves says Costa Rica is at war with Conti hackers
The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries. Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.
US links Thanos and Jigsaw ransomware to 55-year-old doctor
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals.
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. The declaration was signed into law by Chaves on Sunday, May 8th, same day as the economist and former Minister of Finance effectively became the country's 49th and current president.
Ukrainian Researcher Leaks Conti Ransomware Gang Data
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
Vanuatu: Hackers strand Pacific island government for over a week
Vanuatu - an island courted by the US and China - has been stranded offline for over a week.
NHS IT supplier held to ransom by hackers
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Microsoft links Raspberry Robin malware to Evil Corp attacks
Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
LockBit 3.0 introduces the first ransomware bug bounty program
The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options.
Conti ransomware finally shuts down data leak, negotiation sites
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.
Analysis and Attribution of the Eternity Ransomware: Timeline and Emergence of the Eternity Group
XVigil discovered a financially motivated threat actor group, dubbed Eternity group, actively operating on the internet, selling worms, stealers, DDoS tools, and ransomware builders.
President Rodrigo Chaves says Costa Rica is at war with Conti hackers
The president of Costa Rica says his country is "at war", as cyber-criminals cause major disruption to IT systems of numerous government ministries. Rodrigo Chaves said hackers infiltrated 27 government institutions, including municipalities and state-run utilities.
US links Thanos and Jigsaw ransomware to 55-year-old doctor
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals.
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. The declaration was signed into law by Chaves on Sunday, May 8th, same day as the economist and former Minister of Finance effectively became the country's 49th and current president.
Ukrainian Researcher Leaks Conti Ransomware Gang Data
A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the
New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key
A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
Vanuatu: Hackers strand Pacific island government for over a week
Vanuatu - an island courted by the US and China - has been stranded offline for over a week.
NHS IT supplier held to ransom by hackers
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Microsoft links Raspberry Robin malware to Evil Corp attacks
Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?