Tag: ransomware
-
Why companies should use the 3-2-1 method
The 3-2-1 backup strategy is a minimum technical requirement for resilient IT infrastructures, because data loss caused by outages, misconfigurations or ransomware creates considerable operational and compliance risks. It is based on three copies of the data on two different media types, one of which is kept at a separate location, ideally offline or immutable, to avoid single points of failure. Regular restore tests and clear RPO/RTO definitions are decisive, because only verifiable…
-
Russian national convicted for running botnet used in attacks on U.S. firms
A Russian hacker got 2 years in prison, $100K fine, and $1.6M judgment for running a botnet used in ransomware attacks on U.S. firms. Russian national Ilya Angelov (40) was sentenced to 24 months in prison for operating a botnet used to carry out ransomware attacks on dozens of U.S. companies. He was also fined…
-
Ransomware attack disrupts operation at major Spanish fishing port
A ransomware attack has disrupted digital systems at Spain’s Port of Vigo, forcing authorities to disconnect parts of its network and temporarily manage cargo operations manually. First seen on therecord.media Jump to article: therecord.media/port-of-vigo-ransomware
-
Iran-linked ransomware operation targeted US healthcare provider
The Pay2Key group may have shifted its aims from extortion to destruction. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-linked-ransomware-operation-targeted-us-healthcare-provider/815652/
-
Russian botnet operator linked to major ransomware attacks sentenced in US
Ilya Angelov, 40, of Tolyatti, Russia, pleaded guilty to managing a botnet that other cybercriminals used to break into corporate systems and deploy ransomware. First seen on therecord.media Jump to article: therecord.media/russian-botnet-operator-sentenced-ransomware
-
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of U.S. companies. The judge … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/russian-botnet-operator-sentenced-mario-kart-ransomware/
-
Why AI agents are one prompt away from ransomware
As AI adoption advances beyond chatbots, security leaders are up against rogue AI agents mirroring threat actors and a generational skills gap as security operations teams become overly dependent on AI First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640722/Why-AI-agents-are-one-prompt-away-from-ransomware
-
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases “milan” and “okart,” is said to have…
-
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts, and Cloud Workloads
Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Windows intrusions against Israeli and Brazilian organizations, Pay2Key has re-emerged as a ransomware-as-a-service (RaaS) with explicit support for Linux environments. Recent research shows that newer…
-
Manager of botnet used in ransomware attacks gets 2 years in prison
A Russian national has been sentenced to two years in prison after admitting that the phishing botnet he managed was used to launch BitPaymer ransomware attacks against 72 U.S. companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-man-sentenced-for-operating-botnet-used-in-ransomware-attacks/
-
SQL Server Ransomware Attacks: How They Work and How to Harden Your Database
Key Takeaways ● Documented SQL Server attacks have moved from initial access to ransomware deployment within the hour when exposure is high and defenses are absent, but attack timelines vary widely depending on privileges, host controls, segmentation, and attacker quality. ● Attackers escalate from SQL privileges to OS […] The post SQL Server Ransomware Attacks:…
-
Iran-linked ransomware gang targeted US healthcare org amid military conflict
The incident responders noted that there was no evidence that data was exfiltrated during the intrusion, an unusual development considering U.S. intelligence agencies previously said Pay2Key attacks were largely conducted for information theft. First seen on therecord.media Jump to article: therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org
-
Russian access broker sentenced to over 6 years in prison for ransomware schemes
A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other…
-
Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months
A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/russian-initial-access-broker-sentenced-ransomware-attacks/
-
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
A Russian hacker who helped the notorious Yanluowang ransomware gang break into U.S. companies and demand millions of dollars in ransom payments was sentenced to nearly seven years in prison. First seen on therecord.media Jump to article: therecord.media/hacker-russian-ransomware-sentenced-doj
-
Yanluowang ransomware access broker gets 81 months in prison
A Russian national was sentenced to nearly 7 years in prison after pleading guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/yanluowang-ransomware-access-broker-gets-81-months-in-prison/
-
At DMEA, Claroty shows how cyber threats can be fought effectively through prioritization
Claroty, the specialist for the security of cyber-physical systems (CPS), is again presenting its solution for protecting medical devices and networks against cyber threats at DMEA this year. Current research shows that 89 percent of facilities have systems with publicly available exploits (Known Exploited Vulnerabilities/KEV) that are actively used by ransomware gangs, as well as insecurely to the internet…
-
Russian initial access broker who fed ransomware crews gets 81 months in US prison
Aleksei Volkov sentenced after enabling attacks that cost victims millions First seen on theregister.com Jump to article: www.theregister.com/2026/03/24/russian_iab_sentenced/
-
81-month sentence for Russian hacker behind major ransomware campaigns
U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in prison for supporting ransomware groups like Yanluowang. He helped carry out dozens of attacks, causing over $9M in losses. Arrested in Italy in 2024…
-
Russian Initial Access Broker Handed 81-Month Sentence
Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-initial-access-broker/
-
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies
A United States federal court has sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as an initial access broker. Volkov played a critical part in enabling major cybercrime syndicates, including the Yanluowang ransomware group, to breach corporate networks across the country. His illicit activities resulted in more than $9…
-
New Leak Site Tied to Active Initial Access Broker Emerges on Underground Forums
A new Tor-based leak site dubbed ALP-001 has quietly moved from selling network footholds to publicly naming victims, signaling an evolution from pure initial access brokerage to full-scale cyber extortion. The ALP-001 site, reachable only over Tor, advertises itself as a “Data Leaks / Access Market,” blending hallmarks of both a ransomware leak portal and…
-
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks…
-
Ransomware’s New Era: Moving at AI Speed
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ransomware-new-era-moving-ai-speed
-
US chip testing firm shrugged off ransomware hit as minor then came the data leak
Trio-Tech International initially said hack wasn’t ‘material,’ but then stolen data was published First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/us_chip_testing_firm_shrugged/

