Tag: ransomware
-
Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
Tags: attack, breach, credentials, cybercrime, finance, fraud, infrastructure, law, malware, microsoft, network, ransomware
A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. “The main common goal was to disrupt the ‘assembly lines’ cybercriminals use to launch ransomware, financial fraud, and attacks on critical infrastructure,” Europol said in First seen…
-
Microsoft, Europol lead international takedown against infostealer malware
Cybercriminals used Amadey and StealC to infect thousands of computers worldwide, leading to ransomware and other digital crimes. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-europol-international-takedown-infostealer-malware/823655/
-
Ransomware attacks grew in 2025 as traditional data breaches fell
In a new report, Bitsight charted a massive surge in internet-exposed AI services. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-data-breaches-ai-bitsight/823649/
-
Law enforcement hits StealC and Amadey malware networks
Operation Endgame, the largest international law enforcement operation aimed at disrupting ransomware and cybercrime infrastructure across the world, has claimed its latest … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/24/operation-endgame-stealc-amadey-malware-disrupted/
-
Amadey, StealC malware operations disrupted in Operation Endgame action
Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, which targets cybercriminal services and ransomware gangs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amadey-stealc-malware-operations-disrupted-in-operation-endgame-action/
-
Indian auto giant Bajaj Auto hit by ransomware incident
The company said in a regulatory filing that it became aware of the incident on Tuesday morning and had taken precautionary measures to contain its impact. First seen on therecord.media Jump to article: therecord.media/indian-auto-giant-bajaj-auto-hit-by-ransomware
-
ModeloRAT and Mistic Backdoor Activity Linked to Ransomware Initial Access Broker
The Python-based remote access trojan ModeloRAT and a newly observed stealth backdoor, dubbed Backdoor.Mistic, have been linked to activity consistent with an initial access broker (IAB) operation that facilitates ransomware deployments. Mistic, first seen in April 2026 and publicized by Zscaler as MLTBackdoor, appears optimized for long-term, low-visibility access and was discovered deployed in at least one…
-
Germany Among the Main Targets: Ransomware Attacks Rise Significantly
Cybercriminals are relying more and more on extortion software. Their attacks are becoming increasingly professional. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ransomware-angriffe-nehmen-zu-2
-
Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Cyber Espionage
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranlinked-muddywater-poses-as/
-
Stealthy Mistic backdoor linked to ransomware access broker KongTuke
A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stealthy-mistic-backdoor-linked-to-ransomware-access-broker-kongtuke/
-
Payouts King Initial Access Broker Deploys Edgecution Malware Through Malicious Edge Extension
A concerted campaign by an initial access broker with ties to the Payouts King ransomware ecosystem that leverages a novel browser-based delivery technique to establish persistent host-level control. The actor deploys a malicious Microsoft Edge extension dubbed “Edgecution” which abuses the Chrome native messaging protocol to reach a Python backdoor running on the endpoint, effectively…
-
Bajaj Auto Discloses Ransomware Cyberattack Impacting Company and Technology Unit
Bajaj Auto has reported a ransomware attack that affected its internal systems and those of its wholly owned subsidiary, Bajaj Auto Technology Ltd (BATL). This incident highlights the growing threat of cyberattacks targeting major manufacturing and automotive organizations. The attack occurred around 8:00 AM IST on June 23 and was formally disclosed in a regulatory…
-
New Prinz Eugen ransomware targets recent files, avoids ransom notes
First seen on scworld.com Jump to article: www.scworld.com/brief/new-prinz-eugen-ransomware-targets-recent-files-avoids-ransom-notes
-
Colonial Pipeline: 2021 Hindsight and 2026 Insights
Five years after Colonial Pipeline, critical infrastructure still faces ransomware threats and OT security gaps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/colonial-pipeline-2021-hindsight-and-2026-insights/
-
Tata Electronics Data Breach Exposes 200,000+ Files Linked to Apple and Tesla, Hackers Claim
Tags: apple, breach, cyber, cybersecurity, dark-web, data, data-breach, group, hacker, ransomware, threat
Tata Electronics has reported a cybersecurity incident following claims from a ransomware-linked threat group that it has exfiltrated and published over 200,000 files related to Apple and Tesla’s manufacturing operations. The leaked data, which is said to amount to more than 630 GB, has appeared on a dark web portal operated by the “World Leaks”…
-
Microsoft Uncovers Parallel Threat Activity From Two Cyberattackers in Single Intrusion
Microsoft’s latest incident write-up shows that a single intrusion can mask two parallel threat activity streams, one tied to Storm-2603 and another to an unknown actor, making the attack far more complex than a conventional ransomware case. The incident began with activity against on-premises SharePoint servers and an attempt to establish internal footholds through exposed…
-
Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes
Prinz Eugen ransomware prioritizes recently modified files and leaves no ransom note on disk, creating new pressure on backup windows, endpoint alerts, and incident response playbooks. The post Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-prinz-eugen-ransomware-recent-files/
-
GentleKiller Framework Disables Victims’ Security Software
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gentlekiller-gentlemen-ransomware/
-
⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More
It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control. The annoying part is how little of this feels new. Weak credentials, sketchy downloads, browser extensions with too much access, and WordPress sites are…
-
Top 10 Best Cyber Insurance Providers For Businesses in 2026
Tags: breach, cyber, cyberattack, cybersecurity, data, defense, insurance, phishing, ransomware, threat
In the fast-paced digital world of 2026, cyberattacks are no longer a matter of if, but when. The increasing sophistication of threats like ransomware, phishing, and data breaches means that even businesses with robust cybersecurity defenses are at risk. As a result, cyber insurance has evolved from a niche product into a critical component of…
-
Prinz Eugen Ransomware Uses Go-Based Encryptor to Target Fresh Files and Evade Forensics
A customer compromised by a newly observed ransomware family we attribute to the Prinz Eugen group. The encryptor is a purpose-built Go binary that departs from many first-wave samples by combining deliberate file-targeting, modern cryptography, and anti-forensic measures, traits that raise both technical and operational concerns for defenders. The intrusion likely began with compromised RDP…
-
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
Tags: ai, cybercrime, cybersecurity, Internet, interpol, network, organized, phishing, ransomware, scam
A new report from INTERPOL has revealed a “dramatic increase” in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity. According to INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, phishing has emerged as the most widespread and First seen…
-
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of The Gentlemen’s technical infrastructure on June 18, the result of months of incident-level investigation corroborated by the group’s own internal data leak from May 2026. Since emerging in late…
-
New Prinz Eugen ransomware prioritizes recent files for encryption
A new ransomware operation named ‘Prinz Eugen’ prioritizes recently modified files for encryption and leaves no ransom note on the system. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-prinz-eugen-ransomware-prioritizes-recent-files-for-encryption/
-
Gentlemen RaaS Unifies HexKiller, ThrottleBlood, and HavocKiller in New Evasion Suite
An analysis of the Gentlemen ransomware-as-a-service (RaaS) operation has revealed a sophisticated, centralized approach to neutralizing endpoint detection and response (EDR) solutions. This unified defense evasion framework sets the group apart in an increasingly crowded ransomware landscape, significantly lowering the technical barrier for affiliates and driving the gang into the top five most active operations…
-
HIPAA’s No Joke: Gag Gift Firm’s Health Plan Pays $450K Fine
Investigation of Spencer’s Gifts Ransomware Breach Unearths Data Privacy Violations. The employer-sponsored health plan of novelty merchandise retailer Spencer Gift has paid a $450,000 HIPAA penalty and agreed to implement a corrective action plan to resolve findings of a federal breach investigation into a 2021 attack by now-defunct ransomware gang Conti. First seen on govinfosecurity.com…
-
Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/operation-endgame-socgholish-evil/
-
Ransomware in the Food Industry: OT Security Becomes a Critical Factor
Tags: ransomware
Dealing with legacy equipment remains particularly critical. Many machines in food production have been in service for decades. They often run on outdated operating systems First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ransomware-in-der-lebensmittelindustrie-ot-sicherheit-wird-zum-kritischen-faktor/a45549/
-
Gentlemen Ransomware Bypasses EDR Protection
The extortion group Gentlemen uses an arsenal of EDR killers such as GentleKiller to deliberately disable antivirus programs and encrypt data. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/edr-schutz-gentlemen-ransomware

