New Black Basta decryptor exploits ransomware flaw to recover files
Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free.
Lockbit ransomware disrupts emergency care at German hospitals
German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network.
Healthcare software provider data breach impacts 2.7 million
ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack.
Welltok data breach exposes data of 8.5 million US patients
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
Toyota confirms breach after Medusa ransomware threatens to leak data
Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company.
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
Ragnar Locker ransomware’s dark web extortion sites seized by police
The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international law enforcement operation.
Sony confirms data breach impacting thousands in the U.S.
Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.
Attacks on Citrix NetScaler systems linked to ransomware actor
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.
Siemens Energy confirms data breach after MOVEit data-theft attack
Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.
Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit ransomware on the networks of victims in the United States and abroad.
IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing his employer.
Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor.
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
Medusa ransomware gang picks up steam as it targets companies worldwide
A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.
Vice Society ransomware leaks University of Duisburg-Essen’s data
The Vice Society ransomware gang has claimed responsibility for the November 2022 cyberattack that forced the University of Duisburg-Essen (UDE) to reconstruct its IT infrastructure, a process that's still ongoing.
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor.
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.
Medusa ransomware gang picks up steam as it targets companies worldwide
A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations.
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware.
Vice Society ransomware leaks University of Duisburg-Essen’s data
The Vice Society ransomware gang has claimed responsibility for the November 2022 cyberattack that forced the University of Duisburg-Essen (UDE) to reconstruct its IT infrastructure, a process that's still ongoing.