Tag: ransomware

Medical Group Will Pay $1.2M to Settle Data Theft Lawsuit

Dec 16, 2025 11:19 PM

Tags: attack, cybercrime, data, group, leak, ransomware, theft

Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its Victims. A Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes. First seen on…
LLM-Driven Automation: A New Catalyst for Ransomware and RaaS Ecosystems

Dec 16, 2025 9:19 PM

Tags: ai, automation, cyber, LLM, ransomware, tactics, threat

SentinelLABS has released a comprehensive assessment regarding the integration of Large Language Models (LLMs) into the ransomware ecosystem, concluding that while AI is not yet driving a fundamental transformation in tactics, it is significantly accelerating the operational lifecycle. The research indicates that measurable gains in speed, volume, and multilingual reach are reshaping the threat landscape,…
How to create a ransomware playbook that works

Dec 16, 2025 9:19 AM

Tags: access, antivirus, attack, authentication, awareness, backup, best-practice, breach, business, communications, corporate, credentials, cyber, cybersecurity, data, defense, detection, edr, email, encryption, exploit, finance, firewall, flaw, identity, incident response, infrastructure, insurance, law, least-privilege, malicious, malware, mfa, mobile, phishing, ransom, ransomware, risk, skills, social-engineering, software, strategy, technology, threat, tool, training, update, vulnerability

Staffing, skills, and training: Many organizations continue to find that cybersecurity experts are in short supply, so staffing up teams is a challenge. That can be problematic for a ransomware strategy. Companies need to have a variety of skills in place, including expertise in incident detection and prevention, incident response, firewall configuration, and other areas.They…
How to create a ransomware playbook that works

Dec 16, 2025 9:19 AM

Tags: access, antivirus, attack, authentication, awareness, backup, best-practice, breach, business, communications, corporate, credentials, cyber, cybersecurity, data, defense, detection, edr, email, encryption, exploit, finance, firewall, flaw, identity, incident response, infrastructure, insurance, law, least-privilege, malicious, malware, mfa, mobile, phishing, ransom, ransomware, risk, skills, social-engineering, software, strategy, technology, threat, tool, training, update, vulnerability

Staffing, skills, and training: Many organizations continue to find that cybersecurity experts are in short supply, so staffing up teams is a challenge. That can be problematic for a ransomware strategy. Companies need to have a variety of skills in place, including expertise in incident detection and prevention, incident response, firewall configuration, and other areas.They…
How to create a ransomware playbook that works

Dec 16, 2025 9:19 AM

Tags: access, antivirus, attack, authentication, awareness, backup, best-practice, breach, business, communications, corporate, credentials, cyber, cybersecurity, data, defense, detection, edr, email, encryption, exploit, finance, firewall, flaw, identity, incident response, infrastructure, insurance, law, least-privilege, malicious, malware, mfa, mobile, phishing, ransom, ransomware, risk, skills, social-engineering, software, strategy, technology, threat, tool, training, update, vulnerability

Staffing, skills, and training: Many organizations continue to find that cybersecurity experts are in short supply, so staffing up teams is a challenge. That can be problematic for a ransomware strategy. Companies need to have a variety of skills in place, including expertise in incident detection and prevention, incident response, firewall configuration, and other areas.They…
Askul confirms theft of 740k customer records in ransomware attack

Dec 16, 2025 1:19 AM

Tags: attack, hacker, ransomware, theft

Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/askul-confirms-theft-of-740k-customer-records-in-ransomhouse-attack/
The 5 power skills every CISO needs to master in the AI era

Dec 15, 2025 5:19 PM

Tags: ai, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, encryption, endpoint, framework, governance, identity, jobs, law, leak, metric, network, ransomware, resilience, risk, risk-management, skills, technology, threat, tool, update

Why traditional skill sets are no longer enough: CISO action item: Run a 1-hour “AI Bias Audit” on your top 3 detection rules this quarter.Ask: “What data is missing? Who is underrepresented?”According to the World Economic Forum’s Future of Jobs Report, nearly 40% of core job skills will change by 2030, driven primarily by AI,…
The 5 power skills every CISO needs to master in the AI era

Dec 15, 2025 5:19 PM

Tags: ai, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, encryption, endpoint, framework, governance, identity, jobs, law, leak, metric, network, ransomware, resilience, risk, risk-management, skills, technology, threat, tool, update

Why traditional skill sets are no longer enough: CISO action item: Run a 1-hour “AI Bias Audit” on your top 3 detection rules this quarter.Ask: “What data is missing? Who is underrepresented?”According to the World Economic Forum’s Future of Jobs Report, nearly 40% of core job skills will change by 2030, driven primarily by AI,…
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files

Dec 15, 2025 5:19 PM

Tags: flaw, group, ransomware, russia

A new version of VolkLocker, wielded by the pro-Russia RaaS group CyberVolk, has some key enhancements but one fatal flaw. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/flaw-hacktivist-ransomware-victims-decrypt-files
Ransomware-Bande attackiert Ideal Versicherung

Dec 15, 2025 4:19 PM

Tags: cyberattack, infrastructure, insurance, ransomware

Die Ransomware-Bande Akira hat die Versicherungsgruppe Ideal angegriffen.Auf seiner Webseite informiert das Versicherungsunternehmen Ideal aktuell über einen Cyberangriff. Die Systeme seien vorsorglich vom Netz genommen worden und der Geschäftsbetrieb würde nur noch eingeschränkt funktionieren, heißt es.Die zur Versicherungsgruppe gehörende Ahorn AG ist demnach ebenfalls von dem IT-Ausfall betroffen. Hingegen blieb das Tochterunternehmen myLife Lebensversicherung verschont.…
Ransomware-Bande attackiert Ideal Versicherung

Dec 15, 2025 4:19 PM

Tags: cyberattack, infrastructure, insurance, ransomware

Die Ransomware-Bande Akira hat die Versicherungsgruppe Ideal angegriffen.Auf seiner Webseite informiert das Versicherungsunternehmen Ideal aktuell über einen Cyberangriff. Die Systeme seien vorsorglich vom Netz genommen worden und der Geschäftsbetrieb würde nur noch eingeschränkt funktionieren, heißt es.Die zur Versicherungsgruppe gehörende Ahorn AG ist demnach ebenfalls von dem IT-Ausfall betroffen. Hingegen blieb das Tochterunternehmen myLife Lebensversicherung verschont.…
Cyberangriff auf Ideal Gruppe: Systeme von Berliner Versicherung kompromittiert

Dec 15, 2025 2:19 PM

Tags: cyberattack, insurance, ransomware

Die auf Alters- und Pflegevorsorgeversicherungen spezialisierte Ideal Gruppe untersucht einen Ransomware-Befall. Der Geschäftsbetrieb ist eingeschränkt. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-attackieren-ideal-versicherung-mit-ransomware-2512-203275.html
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Dec 15, 2025 1:19 PM

Tags: attack, ceo, cyber, cybersecurity, group, ransomware

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/asahi-launch-cybersecurity/
Cyberangriff: Hacker attackieren Ideal Versicherung mit Ransomware

Dec 15, 2025 1:19 PM

Tags: cyberattack, hacker, insurance, ransomware

Die auf Alters- und Pflegevorsorgeversicherungen spezialisierte Ideal Gruppe untersucht einen Ransomware-Befall. Der Geschäftsbetrieb ist eingeschränkt. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-hacker-attackieren-ideal-versicherung-mit-ransomware-2512-203275.html
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Dec 15, 2025 1:19 PM

Tags: attack, ceo, cyber, cybersecurity, group, ransomware

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/asahi-launch-cybersecurity/
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Dec 15, 2025 1:19 PM

Tags: attack, ceo, cyber, cybersecurity, group, ransomware

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/asahi-launch-cybersecurity/
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Dec 15, 2025 1:19 PM

Tags: attack, ceo, cyber, cybersecurity, group, ransomware

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/asahi-launch-cybersecurity/
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

Dec 15, 2025 9:19 AM

Tags: automation, cyber, group, linux, ransomware, russia, service, windows

CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in…
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

Dec 15, 2025 9:19 AM

Tags: automation, cyber, group, linux, ransomware, russia, service, windows

CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused by Telegram enforcement actions. The group returned in August 2025 with version 2.x, featuring advanced Telegram-based automation and cross-platform capabilities targeting both Linux and Windows systems. VolkLocker is built in…
Gentlemen Ransomware Emerges as a Threat to Corporate Networks

Dec 15, 2025 9:19 AM

Tags: corporate, cyber, data, encryption, extortion, group, network, ransomware, theft, threat, usa

A sophisticated new ransomware group known as >>Gentlemen
Asahi Cyberattack Forces Shift to Zero-Trust Model, Delays Earnings by Over 50 Days

Dec 15, 2025 8:19 AM

Tags: corporate, cyber, cyberattack, cybersecurity, data-breach, finance, group, ransomware, vulnerability, zero-trust

Asahi Group Holdings Ltd. is weighing the creation of a dedicated cybersecurity unit as it continues to deal with the prolonged impact of a ransomware incident that struck the company in late September. The Asahi cyberattack disrupted core operations, delayed financial reporting, and exposed vulnerabilities in both the company’s internal systems and Japan’s broader corporate…
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

Dec 15, 2025 8:19 AM

Tags: data-breach, extortion, group, ransomware, russia, service, windows

The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee.According to SentinelOne, VolkLocker (aka CyberVolk 2.x) emerged in August 2025 and is capable of targeting both Windows First…
Manufacturing is becoming a test bed for ransomware shifts

Dec 15, 2025 6:19 AM

Tags: data, ransomware, risk, sophos, threat

Manufacturing leaders may feel that ransomware risk has settled, but new data shows the threat is shifting in ways that require attention, according to a Sophos report. A … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/15/sophos-manufacturing-ransomware-risks-report/
Hacks Up, Budgets Down: OT Oversight Must Be An IT Priority

Dec 11, 2025 8:32 PM

Tags: hacker, monitoring, ransomware

OT oversight is an expensive industrial paradox. It’s hard to believe that an area can be simultaneously underappreciated, underfunded, and under increasing attack. And yet, with ransomware hackers knowing that downtime equals disaster and companies not monitoring in kind, this is an open and glaring hole across many ecosystems. Even a glance at the numbers..…
Hacks Up, Budgets Down: OT Oversight Must Be An IT Priority

Dec 11, 2025 8:32 PM

Tags: hacker, monitoring, ransomware

OT oversight is an expensive industrial paradox. It’s hard to believe that an area can be simultaneously underappreciated, underfunded, and under increasing attack. And yet, with ransomware hackers knowing that downtime equals disaster and companies not monitoring in kind, this is an open and glaring hole across many ecosystems. Even a glance at the numbers..…
New DroidLock Malware Locks Android Devices and Demands Ransom Payment

Dec 11, 2025 7:32 PM

Tags: android, control, cyber, malware, phishing, ransom, ransomware, threat

The zLabs research team has identified a sophisticated new threat campaign targeting Spanish Android users through a malware strain called DroidLock. Unlike traditional ransomware that encrypts files, this Android-focused threat employs a more direct approach locking devices with ransomware-style overlays and demanding payment while maintaining complete control over compromised handsets. DroidLock primarily spreads through phishing…
New 01Flip Ransomware Targets Both Windows and Linux Systems

Dec 11, 2025 7:32 PM

Tags: cyber, linux, malware, network, programming, ransomware, rust, threat, windows

Security researchers at Palo Alto Networks Unit 42 have identified a newly emerging ransomware family, 01flip, that represents a significant shift in malware development tactics. Discovered in June 2025, this sophisticated threat is entirely written in Rust a modern programming language that enables cross-platform compatibility and currently targets a limited set of victims across the…
New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera

Dec 11, 2025 4:32 PM

Tags: android, cctv, credentials, malware, phishing, ransomware

Zimperium zLabs reveals DroidLock, a new Android malware acting like ransomware that can hijack Android devices, steal credentials via phishing, and stream your screen via VNC. First seen on hackread.com Jump to article: hackread.com/droidlock-android-malware-users-spy-camera/
Ivantis EPM-Systeme anfällig für Angriffe

Dec 11, 2025 2:32 PM

Tags: access, api, authentication, bug, cisa, cve, cvss, cyberattack, exploit, infrastructure, Internet, ivanti, malware, ransomware, social-engineering, software, update, vulnerability, xss

Unternehmen sollten ihre EPM-Systeme von Ivanti so bald wie möglich patchen, da dort schwerwiegende Sicherheitslücken entdeckt wurden.Ivanti hat kürzlich einen schwerwiegenden Fehler in seinen EMP-Systemen gemeldet, der Admin-Sitzungen ohne Authentifizierung erlaubt. Angreifer könnten dadurch möglicherweise Tausende von Unternehmensgeräten kontrollieren.Der Software-Anbieter veröffentlichte die EPM-Version 2024 SU4 SR1, um mehrere Schwachstellen zu beheben. Dazu gehört die kritische…
Ivantis EPM-Systeme anfällig für Angriffe

Dec 11, 2025 2:32 PM

Tags: access, api, authentication, bug, cisa, cve, cvss, cyberattack, exploit, infrastructure, Internet, ivanti, malware, ransomware, social-engineering, software, update, vulnerability, xss

Unternehmen sollten ihre EPM-Systeme von Ivanti so bald wie möglich patchen, da dort schwerwiegende Sicherheitslücken entdeckt wurden.Ivanti hat kürzlich einen schwerwiegenden Fehler in seinen EMP-Systemen gemeldet, der Admin-Sitzungen ohne Authentifizierung erlaubt. Angreifer könnten dadurch möglicherweise Tausende von Unternehmensgeräten kontrollieren.Der Software-Anbieter veröffentlichte die EPM-Version 2024 SU4 SR1, um mehrere Schwachstellen zu beheben. Dazu gehört die kritische…