Tag: ransomware
-
The Canvas Hack Is a New Kind of Ransomware Debacle
Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters. First seen on wired.com Jump to article: www.wired.com/story/canvas-hack-shinyhunters-ransomware-instructure/
-
Iranian government hackers using Chaos ransomware as cover, researchers say
First seen on therecord.media Jump to article: therecord.media/iran-government-hackers-use-chaos-ransomware-as-cover
-
Businesses hide vast majority of ransomware attacks, report finds
The security firm BlackFog said the number of disclosed incidents it tracked in Q1 was roughly one-tenth of the number of undisclosed incidents. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-undisclosed-attacks-blackfog/819595/
-
VECT Ransomware: When Amateur Hackers Become a Real Threat
At the end of 2025, VECT emerged as yet another ransomware group, one that set out to democratize the business of digital extortion. Through a partnership with Breachforums, one of the largest marketplaces for cybercrime, VECT opened its platform to every registered user. That brought thousands of potential attackers onto the scene practically overnight. At the same time, the group secured…
-
Lowering Cybersecurity Insurance Premiums
Qualys today announced, together with Converge, a pioneer in advanced cyber risk management and underwriting, an offering that rewards companies for demonstrated cybersecurity compliance. Through the collaboration, Qualys customers who actively manage and demonstrate a high level of security hygiene with <> (ETM) can potentially qualify for reduced cyber insurance premiums from Converge. In view of increasing ransomware attacks, […] First…
-
Cyber Blind Spots: The hidden technology that poses the greatest security risk
By Peter Villiers, Director of Cyber Risk at Barrier Networks. There’s a growing risk across the UK’s Critical National Infrastructure (CNI) that is placing the country at serious risk of disruption. It isn’t ransomware or a headline-grabbing data breach. It sits within the systems that keep the country running. The risk is growing over time,…
-
Why Outdated Maintenance Software Is a Growing Ransomware Risk
Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers. First seen on hackread.com Jump to article: hackread.com/outdated-maintenance-software-growing-ransomware-risk/
-
Alliance Against Ransomware in Hybrid Environments – NetApp and Commvault Join Forces on Cyber Resilience
First seen on security-insider.de Jump to article: www.security-insider.de/netapp-und-commvault-buendeln-cyber-resilienz-kraefte-a-6c5f0a2a6679556ddfa69755c578985d/
-
Cybercriminals Exploit Microsoft Teams to Phish Login Credentials and Bypass MFA
Tags: authentication, credentials, cyber, cybercrime, espionage, exploit, iran, login, mfa, microsoft, phishing, ransomware, threat
Iranian state-sponsored threat actors linked to MuddyWater (Seedworm) have been caught hiding behind the Chaos ransomware brand to conduct sophisticated espionage operations, using Microsoft Teams as a phishing vector to steal credentials and manipulate multi-factor authentication (MFA). Rapid7 researchers uncovered the intrusion in early 2026, revealing a calculated false flag operation designed to mimic financially…
-
The Winter Games effect: When gold meets DDoS
Tags: attack, botnet, cctv, ddos, defense, detection, dns, government, group, infrastructure, international, Internet, iot, jobs, lockbit, network, penetration-testing, ransomware, router, service, strategy, threat, windows
Attack volumes 610x historical levels during the Winter Games period (February 6-23, 2026). Peak attack count reached more than 2,200 attacks on February 23. NoName057(16) dominated public DDoS hacktivist claims with 47, although ransomware groups (Qilin, LockBit 5.0) also claimed success in various attacks. Tactical shift from pre-Winter Games high-bandwidth attacks (412.89 Gbps peak) to Winter Games-period high-throughput attacks. Geographic…
-
DOJ says ransomware gang tapped into Russian government databases
U.S. prosecutors said a ransomware gang fueled Russian government corruption, and allowed the gang’s leaders to avoid paying taxes and dodge the country’s military draft. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/06/doj-says-ransomware-gang-tapped-into-russian-government-databases/
-
Iranian cyber espionage disguised as a Chaos Ransomware attack
Iran-linked APT MuddyWater used ransomware-style tactics to mask espionage, combining phishing, credential theft, data exfiltration, and extortion without encryption. A newly discovered cyber intrusion attributed to the Iran-linked APT MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) reveals how state-sponsored attackers are increasingly leveraging ransomware tactics to disguise espionage operations. The campaign, uncovered by security researchers at Rapid7, blended…
-
Why ransomware attacks succeed even when backups exist
Backups don’t fail because they’re missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-ransomware-attacks-succeed-even-when-backups-exist/
-
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
Rapid7 reveals an Iranian false flag operation masquerading as a Chaos ransomware attack. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-linked-apt-chaos-ransomware/
-
Train like you fight: Why cyber operations teams need no-notice drills
Tags: breach, business, cloud, communications, credentials, cyber, cybersecurity, detection, framework, healthcare, injection, login, military, psychology, ransomware, risk, skills, soc, threat, training, update
[Figure: The Yerkes-Dodson inverted-U curve: Performance rises with arousal to an optimal point, then falls sharply. Wikimedia Commons, CC-Zero]
What repeated no-notice drills do is shift a team’s position on that curve. By building familiarity with threat-level arousal, they raise the threshold at which stress becomes performance-impairing. The stimulus is no longer novel. The cascade is shorter. Executive…
-
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
A Latvian national operating from Moscow has been sentenced to 102 months in federal prison for his role as a key negotiator within a prolific Russian ransomware network. Deniss Zolotarjovs, 35, participated in a cybercrime syndicate that orchestrated data theft and extortion campaigns against over 54 organizations worldwide between June 2021 and August 2023. The…
-
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
Ransomware and data extortion groups are increasingly targeting the aviation and aerospace sector, exploiting interconnected systems, shared platforms, and identity-based access models to cause operational disruption and data compromise. Cyber risk across aviation has shifted beyond traditional IT incidents toward ransomware attacks, credential theft, and platform-level compromise. The aviation ecosystem relies heavily on shared IT…
-
U.S. court sentences Karakurt ransomware negotiator to 8.5 years
Deniss Zolotarjovs was sentenced to 8.5 years in the U.S. after pleading guilty to money laundering and fraud tied to ransomware. Deniss Zolotarjovs, a Latvian national linked to the Karakurt ransomware gang, has been sentenced to 8.5 years in U.S. prison, marking a significant step in efforts to combat global ransomware operations. “A Latvian national…
-
Conti, Akira ransomware affiliate given 8-year sentence
Deniss Zolotarjovs pleaded guilty in July 2025 to money laundering and wire fraud charges after being arrested in the country of Georgia. First seen on therecord.media Jump to article: therecord.media/conti-akira-ransomware-affiliate-sentenced
-
Latvian national sentenced for ransomware attacks run by former Conti leaders
Deniss Zolotarjovs was mostly tasked with putting pressure on the Russia-based crew’s victims, in one case leaking hundreds of children’s health records. First seen on cyberscoop.com Jump to article: cyberscoop.com/latvian-russia-ransomware-conti-sentenced/
-
Conti ransomware gang member sentenced to 102 months in prison
A Latvian national who was part of a major Russian ransomware organization that stole from and extorted more than 54 companies has been sentenced to 102 months in prison. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/usa-conti-ransomware-member-sentenced/
-
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Educational institutions are now facing a coordinated mix of state espionage, spear-phishing, and supply chain intrusions, even as classic ransomware and vulnerability volumes show signs of easing. Every attributed campaign was linked to state actors, with no financially motivated groups observed. China-aligned clusters led by MISSION2074 dominate, with additional activity from Stone Panda, Hafnium, Lotus…
-
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his “cold case” negotiator role in the Russian Karakurt ransomware group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/karakurt-extortion-gang-negotiator-sentenced-to-85-years-in-prison/
-
Everest Group Begins Leaking Alleged Liberty Mutual Data
Cybercrime Gang Claims to Have 108-Gbyte Trove of Insurer’s Files, Folders. Ransomware gang Everest Group claims to have stolen more than 108 gigabytes of data – including policyholder details – belonging to insurer Liberty Mutual. The cybercrime group began leaking the company’s alleged data on Monday afternoon, saying the insurer failed to respond to the gang’s…
-
Frost Bank Hit With Class-Action Lawsuits Over Data Breach Affecting More Than 100,000 Customers
What happened: Frost Bank, San Antonio’s largest bank, is facing two proposed class-action lawsuits following a cyberattack attributed to the Everest ransomware group that allegedly exposed the sensitive personal data of an estimated 109,000 customers. The bank has not publicly confirmed the scope of the breach or reported it to the Texas Attorney General’s Office,…The…

