Tag: ransomware
-
Panera’s 5.1 Million User Breach: When ‘No Hack’ Becomes a Ransomware Business Model
ShinyHunters leaked 5.1M Panera accounts after extortion failed. Contact data can’t be changed like passwords”, it’s permanent exposure fueling years of scams. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/paneras-5-1-million-user-breach-when-no-hack-becomes-a-ransomware-business-model/
-
New criminal service plans to monetize data stolen by ransomware gangs
A site called Leak Bazaar pitches itself as something closer to a data-processing business than a typical hacking or ransomware-as-a-service operation. First seen on therecord.media Jump to article: therecord.media/new-criminal-service-plans-to-monetize-ransomware-data
-
Windows Tools Abused to Kill AV Ahead of Ransomware Attacks
Hackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, making attacks faster, quieter, and harder to stop. Instead of dropping noisy custom malware upfront, modern operators chain trusted utilities to gain SYSTEM access, kill security processes, and then encrypt at scale. Because many of these…
-
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/
-
Ransomware in 2025: Blending in is the strategy
A summary of the top ransomware trends from the Talos 2025 Year in Review, with a focus on identity, attacker tactics, and practical defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/ransomware-in-2025-blending-in-is-the-strategy/
-
Google Drive now detects ransomware and helps restore affected files
To help organizations minimize the impact of malware attacks on personal computers, Google launched ransomware detection and file restoration in beta in September 2025. These … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/31/google-drive-ransomware-detection-and-file-restoration/
-
Google Introduces Advanced Ransomware Defense and Recovery Features in Drive
Google has officially moved its advanced ransomware detection and file restoration features for Google Drive out of beta, making them generally available to organizations globally. Originally launched for beta testing in September 2025, these security enhancements are designed to minimize the destructive impact of malware attacks on both personal and corporate endpoints. The general availability…
-
Fahndung nach Cyberkriminellen 130 Firmen attackiert
130 Unternehmen und Institutionen gerieten ins Visier der Hacker.Nach jahrelangen Cybercrime-Angriffen auf mehr als Hundert Unternehmen und Einrichtungen in Deutschland haben Ermittler zwei zentrale Verdächtige identifiziert. Der eine sei der mutmaßliche Kopf von zwei Hackergruppen, der andere der mutmaßliche Programmierer der von diesen Gruppen genutzten Schadsoftware. Dies teilten das bei der Generalstaatsanwaltschaft Karlsruhe eingerichtete Cybercrime-Zentrum…
-
Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc
Qilin ransomware claims a breach of Dow Inc., listing it on its Tor leak site, but no proof of the hack has been released yet. Qilin Ransomware group allegedly breached the chemical manufacturing giant Dow Inc. The cybercrime group added the company to its Tor data leak site, but at this time, it has not…
-
National Cyber Resilience Demands Unified Defense
UK NCSC’s Richard Horne on Strengthening Cyber Defense and Incident Response. Cyber risk is rising as digital dependence grows and threat actors expand. NCSC CEO Richard Horne outlines why leaders must treat cybersecurity as mission-critical, strengthen their resilience, and align defense efforts to counter ransomware, AI-driven threats, and supply chain attacks. First seen on govinfosecurity.com…
-
Global Cybercrime Investigations Gain Ground
Stan Duijf of Dutch National Police on Collaborative Law Enforcement. Global law enforcement agencies are shifting tactics to disrupt ransomware earlier in the attack chain. Stan Duijf of the Dutch National Police describes how collaboration, threat intelligence and cryptocurrency seizures are making cybercrime more costly and less effective for criminals. First seen on govinfosecurity.com Jump…
-
Partei Die Linke wurde Opfer eines Cyberangriffs
Wie Trend Micro berichtet, wurde vergangenen Donnerstag das IT-Netzwerk der Partei Die Linke Ziel eines Cyberangriffs. In der veröffentlichten Pressemeldung heißt es: ‘Uns liegen Hinweise vor, dass es sich um einen Ransomware-Angriff der Hackergruppe “šQilin’ handelt. Dabei handelt es sich um eine mutmaßlich russischsprachige Cybercrime-Organisation, deren Aktivitäten sowohl finanziell als auch politisch motiviert sein können.”…
-
Am WorldDay geht es nicht mehr nur um Datensicherung, sondern auch um das Identitäts- und Zugriffsmanagement
Shane Barney, Chief Information Security Officer bei Keeper SecurityDer World-Backup-Day unterstreicht eine grundlegende Anforderung für Organisationen in ganz Europa: Die Fähigkeit, Daten schnell und sicher wiederherzustellen. Dies ist von zentraler Bedeutung für die Cybersicherheit und die Geschäftskontinuität. Ob durch Ransomware, menschliche Fehler oder Systemstörungen verursacht, ein Datenverlust gehört nach wie vor zu den unmittelbarsten und…
-
WorldDay Mehr als nur Schutz vor Ransomware
In einer Welt voller KI, Zero-Day-Exploits und nationalstaatlichen Cyberbedrohungen mag die Datensicherung wie eine Aufgabe aus dem Grundkurs Cybersicherheit erscheinen. Doch einige der schwerwiegendsten Vorfälle, mit denen Unternehmen konfrontiert sind, sind nicht auf hochkomplexe Angriffe zurückzuführen, sondern darauf, dass sie nicht auf das Unvermeidliche vorbereitet sind und Datenverlust ist unvermeidlich. Wenn die meisten Unternehmen […]…
-
TeamPCP’s attack spree slows, but threat escalates with ransomware pivot
TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/30/teampcp-supply-chain-attacks-ransomware/
-
Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook. This led them to an unauthenticated HTTP server at 176.120.22[.]127:80, hosted by Russian bulletproof provider Proton66 OOO, exposing 126 files across 18 subdirectories and about 140 MB of data. Proton66 has previously been tied to…
-
Parteizentrale der Linken gehackt
Die Linke meldet einen Cyberangriff auf die eigene IT-Infrastruktur. Offenbar sind auch schon die Verursacher ermittelt worden. First seen on golem.de Jump to article: www.golem.de/news/ransomware-parteizentrale-der-linken-wurde-gehackt-2603-206998.html
-
Parteizentrale der Linken gehackt
Die Linke meldet einen Cyberangriff auf die eigene IT-Infrastruktur. Offenbar sind auch schon die Verursacher ermittelt worden. First seen on golem.de Jump to article: www.golem.de/news/ransomware-parteizentrale-der-linken-wurde-gehackt-2603-206998.html
-
Erpressungen erwartet: Hacker wollen riesige Supply-Chain-Attacke zu Geld machen
Nach verheerenden Attacken auf Trivy, LiteLLM und andere Tools will TeamPCP massenhaft eingesammelte Zugangsdaten für Ransomware-Angriffe einsetzen. First seen on golem.de Jump to article: www.golem.de/news/erpressungen-erwartet-hacker-wollen-riesige-supply-chain-attacke-zu-geld-machen-2603-206984.html
-
RSAC Focuses Cybersecurity Insights, Tech, and Community in One Place
The RSAC conference has once again descended upon San Francisco and delivered an event that brings together the largest collection of industry leaders, technologies, and cybersecurity community events! Over the course of several days, attendees accessed exceptional keynotes, thought-leading expert sessions, and an unmatched technology expo. During the evenings, there were countless private events, get-togethers,…
-
Cyberangriff auf die Linke
Die Hackergruppe “Qilin” steht möglicherweise hinter dem Angriff.Die Linke ist nach eigenen Angaben Opfer einer schweren Cyberattacke geworden und vermutet dahinter russischsprachige Hacker. Man habe am Donnerstag sofort reagiert und Teile der IT-Infrastruktur vom Netz genommen, teilte Bundesgeschäftsführer Janis Ehling mit. «Nach derzeitigen Erkenntnissen zielen die Täter darauf ab, sensible Daten aus dem inneren Bereich der…
-
The Cyber Express Weekly Roundup: Cyberattacks, AI Risks, and Geopolitical Cyber Threats
In this week’s weekly roundup, The Cyber Express brings together the latest developments in global cybersecurity news, from high-profile ransomware attacks to emerging risks in AI adoption and geopolitical cyber activity. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/the-cyber-express-weekly-roundup-march-27/
-
The Energy Sector Isn’t Ready for Ransomware”, and 2025 Proved It
The global surge in energy sector ransomware attacks intensified throughout 2025, exposing deep vulnerabilities in critical infrastructure. As organizations prepare for what’s coming next, the lessons are becoming harder to ignore. The systems that power homes, fuel industries, and sustain modern life are under siege, not by isolated hackers, but by highly organized ransomware groups operating at scale. First seen on thecyberexpress.com Jump…
-
BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files… First seen on hackread.com Jump to article: hackread.com/bianlian-ransomware-fake-invoice-svg-images-attacks/
-
Infrastructure Attacks With Physical Consequences Down 25%
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers’ relative ignorance of OT systems. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/infrastructure-attacks-physical-consequences-down
-
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker.”Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian…
-
Breach Roundup: Tycoon2FA Phishing Platform Rebounds
Tags: 2fa, attack, breach, data, data-breach, healthcare, iran, malware, north-korea, oracle, phishing, ransomware, russiaAlso, Russian Signal Phishing, Iran-Linked Malware, Breaches in Spain and France. This week, Tycoon 2FA, Trio-Tech, messaging app spying and a ransomware broker sentenced. Iran-linked hackers. Mazda disclosed a breach. Oracle patched a flaw. North Korean actors weaponized VS Code, a Spanish port ransomware attack, a French teacher data breach and a healthcare firm victim…
-
Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
A pro-Ukrainian hacker group known as Bearlyfy has carried out more than 70 cyberattacks against Russian companies over the past year and is now escalating its campaign with newly developed ransomware tools, researchers have found. First seen on therecord.media Jump to article: therecord.media/ransomware-ukraine-russia-bearlyfy
-
Iran-Linked Pay2Key Ransomware Group Re-Emerges
Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranlinked-pay2key-ransomware/