Tag: ransomware
-
Business leaders see AI risks and fraud outpacing ransomware, says WEF
C-suite executives are more concerned with risks arising from AI vulnerabilities and cyber fraud than ransomware, according to the World Economic Forum First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366637198/Business-leaders-see-AI-risks-and-fraud-outpacing-ransomware-says-WEF
-
Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen
Everest ransomware claims to have breached Nissan Motor Corporation, alleging the theft of 900GB of internal data, including documents and screenshots. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-nissan-data-breach/
-
World Economic Forum: Cyber-fraud overtakes ransomware as business leaders’ top cyber-security concern
“Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fraud-overtakes-ransomware-as-top/
-
Operation Cronos Leader Gets Nod From King Charles
Gavin Webb from the National Crime Agency receives the OBE award from King Charles for his strategic role in Operation Cronos, disrupting the LockBit ransomware group. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/operation-cronos-leader-gets-nod-from-king-charles/
-
Basketball player arrested for alleged ransomware ties freed in Russia-France prisoner swap
Daniil Kasatkin, 26, was seen in a video shared by Russian state news outlet TASS emerging from a plane that was then used to send French researcher Laurent Vinatier back to France. First seen on therecord.media Jump to article: therecord.media/france-frees-russian-basketball-player-ransomware-swap
-
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024.Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage,…
-
Fog Ransomware Targets U.S. Organizations via Compromised VPN Credentials
Tags: access, attack, credentials, cyber, encryption, exploit, incident response, ransomware, tactics, tool, vpn, vulnerabilityArctic Wolf Labs has uncovered a new ransomware variant dubbed >>Fog<< striking US organizations, primarily in education and recreation, through hijacked VPN access. First spotted on May 2, 2024, the attacks highlight vulnerabilities in remote access tools and the rapid encryption tactics used to exploit them."‹ Arctic Wolf's Incident Response team investigated multiple cases starting…
-
Fog Ransomware Targets U.S. Organizations via Compromised VPN Credentials
Tags: access, attack, credentials, cyber, encryption, exploit, incident response, ransomware, tactics, tool, vpn, vulnerabilityArctic Wolf Labs has uncovered a new ransomware variant dubbed >>Fog<< striking US organizations, primarily in education and recreation, through hijacked VPN access. First spotted on May 2, 2024, the attacks highlight vulnerabilities in remote access tools and the rapid encryption tactics used to exploit them."‹ Arctic Wolf's Incident Response team investigated multiple cases starting…
-
Attackers Use Over 240 Exploits Ahead of Ransomware Attacks
Ransomware attacks don’t begin with encryption. They start with reconnaissance and security researchers just documented a significant reconnaissance operation that unfolded over the Christmas holiday. Between December 25 and 28, a single operator systematically scanned the internet for vulnerable systems, testing more than 240 different exploits against targets and logging every successful hit. That harvested…
-
The Role of Initial Access Markets in Ransomware Campaigns Targeting Australia and New Zealand
The cyber threat environment in Australia and New Zealand has entered a critical phase throughout 2025, marked by a dramatic surge in initial access sales, sophisticated ransomware operations, and widespread data breaches affecting essential sectors. According to the Threat Landscape Report for Australia and New Zealand 2025, threat activity documented between January and November 2025…
-
Putinswap: France trades alleged ransomware crook for conflict researcher
Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant First seen on theregister.com Jump to article: www.theregister.com/2026/01/09/alleged_russian_ransom_payment_negotiator/
-
Telecom sector sees steady rise in ransomware attacks
A new threat intelligence report described a potent mixture of unpatched flaws and lax perimeter controls. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/telecom-ransomware-spike-cyble/809224/
-
Grauer Schwan: Acht plausible Szenarien mit potenziell hohem Cyberrisiko
Durch die immer stärkere Vernetzung digitaler Systeme und ihrer zunehmenden Abhängigkeit von unsichtbaren technischen Grundlagen entstehen neue Kategorien von Cyberrisiken jenseits klassischer Malware. Unterschiedliche Arten von Ransomware und Störungen könnten zu einem Verlust der universellen Zeitreferenz, einem extremen Solarereignis oder auch zu cybergestützten Umweltschäden führen. In einer aktuellen, zukunftsgerichteten Analyse hat Kaspersky sogenannte »Grey-Swan«-Szenarien untersucht:……
-
Ransomware attacks kept climbing in 2025 as gangs refused to stay dead
Cop wins hit crime infrastructure, not the people behind it First seen on theregister.com Jump to article: www.theregister.com/2026/01/08/ransomware_2025_emsisoft/
-
Ransomware Hits a Claims Giant: What the Sedgwick Breach Reveals About Modern Extortion Attacks
A recent breach disclosure reveals that claims management firm Sedgwick was targeted by the TridentLocker ransomware group, with attackers claiming to have exfiltrated sensitive data from systems supporting its government services operations before deploying ransomware, according to Cybersecurity News. While Sedgwick has not disclosed full technical details, the incident follows a well-established ransomware playbook. Attackers…
-
Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files
Tags: access, backup, credentials, cve, cvss, cybersecurity, data, exploit, jobs, malicious, monitoring, password, ransomware, remote-code-execution, risk, risk-management, sans, threat, update, veeam, vulnerabilityCVE-2025-59470 (with a CVSS score of 9) allows a Backup or Tape Operator to perform remote code execution (RCE) as the Postgres user by sending a malicious interval or order parameter;CVE-2025-59469 (with a severity score of 7.2) allows a Backup or Tape Operator to write files as root;CVE-2025-55125 (with a severity score of 7.2) allows a Backup…
-
CrazyHunter Ransomware Targets Healthcare Sector Using Sophisticated Evasion Tactics
A sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation that have security researchers deeply concerned. Trellix, which has been actively tracking this threat since its initial appearance, reports that the ransomware represents a significant evolution in cybercriminal tactics targeting…
-
LockBit 5.0 Unveils Advanced Encryption and Enhanced Anti-Analysis Techniques
LockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following its dominance of 30.25% during the 2021-2022 period. The emergence of LockBit 5.0 represents a significant escalation in technical sophistication, introducing enhanced encryption methodologies and anti-analysis mechanisms that fundamentally complicate…
-
Neue Ransomware-Bedrohung zielt auf deutsche Unternehmen
Tags: backup, ciso, cloud, cyberattack, encryption, extortion, firewall, germany, infrastructure, intelligence, network, ransomware, threat, tool, vmware, vulnerabilityDer Ransomware-Dienst Ransomhouse nutzt jetzt eine komplexe Dual-Schlüssel-Verschlüsselung und automatisierte Angriffe auf VMware ESXi.Sicherheitsexperten haben kürzlich festgestellt, dass die Ransomware-Gruppe Jolly Scorpius ihren RaaS-(Ransomware as a Service)-Dienst Ransomhouse massiv verbessert hat. Wie das Threat-Intelligence-Team von Palo Alto Networks berichtet, nutzt die Gruppe jetzt ein fortschrittliches duales Verschlüsselungssystem.Die Angriffe basieren auf einer aktualisierten Version des Verschlüsselungs-Trojaner…
-
Telecommunications Sector Sees a Four-fold Jump in Ransomware Attacks in last 4 Years: Report
The telecommunications sector, a cornerstone of national infrastructure, continued to remain under the radar of both ransomware and nation-state actors in 2025, revealed First seen on thecyberexpress.com Jump to article: thecyberexpress.com/telecommunication-sector-cyber-threats/
-
Two cybersecurity experts plead guilty to running ransomware operation
First seen on csoonline.com Jump to article: www.csoonline.com/article/4112400/two-cybersecurity-experts-plead-guilty-to-running-ransomware-operation.html
-
Flare Researchers Analyze SafePay Ransomware Leak Data
Flare researchers analyzed SafePay leak data, showing how the group targets regulated SMBs to maximize pressure. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/flare-researchers-analyze-safepay-ransomware-leak-data/
-
As Ransomware Attacks Surge, Healthcare Must Look Beyond Compliance to Establish a Cyber Risk Mindset
Tags: attack, compliance, cyber, cybersecurity, data-breach, healthcare, insurance, ransomware, riskThe February 2024 Change Healthcare incident exposed 190 million patient records and disrupted healthcare operations nationwide, but it highlighted something far more concerning: the U.S. healthcare sector faces an unprecedented cybersecurity crisis. Healthcare is now the third most-targeted sector, experiencing a 32% surge in ransomware attacks last year. Cyber insurance claims tied to these incidents..…
-
Covenant Health Notifying 480K Patients of 2025 Data Theft
Ransomware Gang Qilin Had Claimed It Stole 852 GB of Health System’s Data. Nearly half a million patients of a Catholic healthcare network that serves New England and parts of Pennsylvania began the new year by receiving notifications that hackers may have stolen their health information in a May 2025 hacking incident. First seen on…
-
New Zealand Probes Ransomware Hack of Health Portal
More Than 100,000 Affected by Hack Detected on Dec. 30. The New Zealand government is probing a year-end ransomware hack of private healthcare service provider Manage My Health that impacted thousands of patients. Digital extortion group Kazu has claimed responsibility and threatened to leak the data on Jan. 15 unless it receives a $60,000 ransom.…
-
US Cyber Pros Plead Guilty Over BlackCat Ransomware Activity
Two US citizens pleaded guilty to working as ALPHV/BlackCat ransomware affiliates in 2023, and both were previously employed by prominent security firms. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/us-cyber-pros-plead-guilty-over-ransomware-activity
-
How the Organizational Risk Culture Standard can supercharge your cybersecurity culture
Tags: automation, ceo, communications, compliance, control, cyber, cybersecurity, data, detection, email, finance, framework, group, guide, intelligence, law, metric, nist, phishing, ransomware, RedTeam, resilience, risk, tool, updateThe 10 dimensions, translated for cybersecurity: The ORCS framework defines ten dimensions. Treat them as a system. Each one is distinct; together they are complete. Leadership & governance. Leaders set the tone, model the behavior and anchor accountability. If leaders treat cyber as only an IT issue, everyone else will, too. When leaders make risk-informed…
-
How To Build Ransomware-Resilient AI Data Pipelines: A Practical Guide for Modern Enterprises
Modern enterprises depend on AI data pipelines for analytics and automated decision-making. As these pipelines become more integrated… First seen on hackread.com Jump to article: hackread.com/building-ransomware-resilient-ai-data-pipelines/