Tag: ransomware
-
AiLock Ransomware Claims England Hockey Data Breach
England Hockey is investigating a potential cyberattack claimed by the AiLock ransomware group. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ailock-ransomware-claims-england-hockey-data-breach/
-
Trump’s Cyber Strategy Puts Private Sector on the Offensive
Bold Plan Raises Hard Questions About Execution, Liability and Oversight. The Trump administration’s national cyber strategy calls for a stronger partnership between the federal government and private companies, heralding a shift in the ways private enterprise could participate in offensive operations against nation-state adversaries, ransomware gangs and cybercriminals. First seen on govinfosecurity.com Jump to article:…
-
Interpol’s ‘Operation Synergia III’ Nets 94 Arrests in Major Cybercrime Sweep
A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/interpol-operation-synergia3-94/
-
Analyse von Sophos – So wählen Ransomware-Gruppen ihre Opfer aus
First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-angriffe-kleine-unternehmen-sophos-studie-a-bd7baf98b02d07a87df6c5e8b6e2e50f/
-
Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges
U.S. prosecutors accused an incident responder of conducting cyberattacks and helping ransomware gangs negotiate higher payouts from the same victims he was working for. First seen on therecord.media Jump to article: therecord.media/ransomware-blackcat-doj-incident-responder
-
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
Tags: cybercrime, international, interpol, law, malicious, malware, network, phishing, ransomware, threatINTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part of the agency’s ongoing efforts to dismantle criminal networks, disrupt emerging threats, and safeguard victims from scams.The effort is part of an international law enforcement operation that involved 72 countries and…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…
-
Hive0163 Ransomware Operators Use AI-Generated Slopoly Malware
Researchers have identified a suspected case of AI-generated malware being used during a ransomware attack. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/slopoly-ai-generated-malware/
-
PsExec and Renamed Backup Tools Enabled Data Theft Before INC Ransomware Attack
A ransomware intrusion in which attackers used legitimate Windows tools and a renamed backup utility to quietly stage and exfiltrate sensitive data before deploying INC ransomware. The incident highlights how threat actors increasingly rely on “living off the land” techniques to evade detection and operate within compromised environments. Investigators later determined that the threat actor…
-
England Hockey investigating ransomware data breach
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/england-hockey-investigating-ransomware-data-breach/
-
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ai-generated-slopoly-malware-used-in-interlock-ransomware-attack/
-
‘Systemic Risk’ Stalks Healthcare Sector
For the U.S. healthcare ecosystem, the 2024 ransomware attack on Change Healthcare proved to be a supply-chain earthquake in showcasing critical third-party risk that entities now must carefully and urgently consider, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/systemic-risk-stalks-healthcare-sector-i-5535
-
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by a financially motivated threat actor named Hive0163.”Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat actors can weaponize AI to develop new malware frameworks in a fraction of the time it used to…
-
Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million
Angelo Martino is accused of playing both sides, committing attacks and conducting ransomware negotiations on some of the same cases on behalf of his former employer. First seen on cyberscoop.com Jump to article: cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/
-
Law enforcement shuts down botnet made of tens of thousands of hacked routers
An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute child sexual abuse material. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/12/law-enforcement-shuts-down-botnet-made-of-tens-of-thousands-of-hacked-routers/
-
Zscaler + CimTrak: Integrity-Driven Zero Trust for C2C
<div cla Across the first two blogs in this series, we confronted a hard truth: Cybersecurity doesn’t fail because organizations lack tools. It fails because it remains an open-loop system. Detection without enforcement. Visibility without control. Recovery without prevention. Frameworks like Zero Trust, Comply-to-Connect (C2C), and ransomware defense all stall at the same point: there…
-
Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million
Angelo Martino is accused of playing both sides, committing attacks and conducting ransomware negotiations on some of the same cases on behalf of his former employer. First seen on cyberscoop.com Jump to article: cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/
-
Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million
Angelo Martino is accused of playing both sides, committing attacks and conducting ransomware negotiations on some of the same cases on behalf of his former employer. First seen on cyberscoop.com Jump to article: cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/
-
Feds say another DigitalMint negotiator ran ransomware attacks and extorted $75 million
Angelo Martino is accused of playing both sides, committing attacks and conducting ransomware negotiations on some of the same cases on behalf of his former employer. First seen on cyberscoop.com Jump to article: cyberscoop.com/digitalmint-ransomware-negotiator-arrest-angelo-martino-extortion/
-
US charges another ransomware negotiator linked to BlackCat attacks
The U.S. Department of Justice charged another former DigitalMint employee for his involvement in an insider scheme in which ransomware negotiators secretly partnered with the BlackCat (ALPHV) ransomware operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-charges-another-ransomware-negotiator-linked-to-blackcat-attacks/
-
SOAR Cybersecurity
Cybersecurity teams today face a relentless wave of cyber threats. Organizations must defend their networks, endpoints, cloud systems, and data from sophisticated attacks such as ransomware, phishing campaigns, insider threats, and advanced persistent threats. However, modern IT environments are highly complex, and security teams are often overwhelmed by thousands of alerts generated by different security…
-
Cybersecurity Automation Platform
From ransomware and insider threats to advanced persistent attacks, the complexity and scale of cyber risks are growing faster than traditional security operations can handle. Security teams are overwhelmed by millions of alerts, fragmented tools, and limited human resources. This is where a cybersecurity automation platform becomes essential. A cybersecurity automation platform uses artificial intelligence,…
-
How US Ransomware Policy Aims to Break Global Crime Networks
Ex-FBI Leader Cynthia Kaiser on Sanctions, Ecosystem Disruption, Stronger Policies. U.S. cyber policy now treats ransomware gangs and fraud networks as transnational criminal organizations. Former FBI cyber leader Cynthia Kaiser explains how sanctions, infrastructure takedowns, and international cooperation could weaken cybercrime ecosystems and reduce attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/how-us-ransomware-policy-aims-to-break-global-crime-networks-a-30976
-
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/france-anssi-ransomware-attack/
-
Mittelstand setzt bei der IT-Sicherheit oft auf falsche Maßnahmen – Deutsche KMU geraten verstärkt ins Visier von Ransomware
Tags: ransomwareFirst seen on security-insider.de Jump to article: www.security-insider.de/kmu-ransomware-falsche-sicherheitsmassnahmen-a-b666d9bd8b4d4fbae98a899a63a85d96/