ransomware

How long will the battle for the Los Angeles judicial system last? On July 22, all 36 courts of the Los Angeles County Superior Court, the largest trial court in the United States, closed to restore systems after the ransomware attack that occurred on July 19. The attack, which has not yet...

Ransom payments after attacks on critical infrastructure continue to grow. Ransomware attacks on the UK's critical national infrastructure (CNI) have led to an unprecedented increase in the associated costs. According to the latest data from Sophos, over the past year, the median amount paid to...

Redemption journey from cryptomixers to virtual casinos. Hackers who hacked into telecommunications giant AT&T have begun legalizing the $ 370,000 ransom they received. This amount, equivalent to 5.72 bitcoins, was paid on May 17 after a massive leak affected about 109 million AT&T customers...

The furniture giant was forced to stop production due to a cyberattack. Bassett Furniture, one of the largest furniture manufacturers in the United States, was forced to suspend its production facilities after a ransomware attack last week. On July 10, the company discovered unauthorized...

The third largest pharmacy chain in the United States was defenseless against cybercriminals. US pharmaceutical giant Rite Aid has confirmed a data breach following a cyberattack in June. The RansomHub ransomware group claimed responsibility for the company's compromise. Rite Aid is the...

A bug in DoNex opened the way for data recovery. Avast specialists have discovered a vulnerability in the cryptographic scheme of the ransomware program DoNex and its predecessors. In this regard, researchers, together with law enforcement agencies, began secretly providing the decryptor to...

Personal data of residents was in the hands of RansomHub. RansomHub ransomware group published data from the Florida Department of Health. Previously, cybercriminals threatened to publish the stolen 100 GB of data if the state does not pay an unspecified ransom amount. However, the ransomware...

Many infected servers become unresponsive, making it difficult to detect infections. A new security threat related to a vulnerability in the PHP programming language that allows attackers to execute malicious code on web servers has been discovered on the network. Cybersecurity researchers...

LockBit is once again leading the industry, despite the best efforts of law enforcement agencies. According to a recent report from Cyfirma, ransomware activity increased significantly in May 2024, with notable changes in the activities of leading groups. The largest increase in activity was...

Sites of Shame and the Countdown: How cybercriminals put pressure on victims. More and more often, people who go on their usual daily tasks - to school, hospital or pharmacy-are faced with non-working computer systems. Criminal groups from different parts of the world are often behind these...

Hackers actively recruit accomplices on cybercrime forums. In 2023, Mallox ransomware activity increased significantly — by 174% compared to last year, according to new data obtained by Unit 42 specialists from Palo Alto Networks. "Mallox, like many other extortionate groups, follows the...

New version of TargetCompany with new traceless attack capabilities. Trend Micro discovered a new version of the TargetCompany ransomware targeted at VMware ESXi. Attackers use a custom shell script to deliver and execute malware. TargetCompany (Mallox, FARGO, Tohnichi) first appeared in June...

The price of the company's inaction is stolen customer identities. The RansomHub group claimed responsibility for the April cyberattack on one of the largest telecommunications companies, Frontier Communications. Hackers broke into the operator's systems and stole confidential data of more than...

A story about two companies fighting for the truth. Hudson Rock has removed its online report on the hacking of cloud storage and analytics systems by Snowflake, citing legal pressure from the latter. The report claimed that attackers gained access to Snowflake's systems and stole data from...

Researchers have identified the main trends of hackers for the year. According to a new report from Mandiant, ransomware activity increased significantly in 2023. The number of publications on data leak sites increased by 75% compared to the previous year, and the number of Mandiant...

This tool helps you protect yourself from 49 malware families. RansomLord is an open source tool that automates the creation of PE files that are used to protect against ransomware before encrypting data. The developer of RansomLord, known under the pseudonym hyp3rlinx, explained: "I created...

A new ransomware called Nemty has appeared on the network, which is supposedly the successor to GrandCrab or Buran. The malware is mainly distributed from the fake PayPal website and has a number of interesting features. Details about how this ransomware works are under the cut. The new Nemty...

A legitimate Windows security feature has become a tool for hackers. Kaspersky Lab experts have identified attacks on corporate devices using a new ShrinkLocker ransomware program that uses BitLocker. BitLocker is a security feature in Windows that allows you to protect data using encryption...

Cybercriminals who use ransomware complain that the malware they use has a built-in backdoor that allows them to intercept the ransom. According to rumors, the REvil group, which provides a ransomware service, deceives its own customers. REvil leases its software to other scammers in exchange...

Киберпреступник под ником "salfetka" утверждает, что продает исходный код INC Ransom, программы-вымогателя по принципу "услуга как таковая" (RaaS), запущенной в августе 2023 года. Ранее INC нацеливалась на американское подразделение Xerox Business Solutions (XBS), Yamaha Motor на Филиппинах и...