Tag: ransomware
-
Single Click on CAPTCHA Triggers Destructive Akira Ransomware Attack on Malicious Website
A sophisticated Akira ransomware attack orchestrated by the Howling Scorpius group recently left a global data storage and infrastructure company grappling with massive operational disruption, all triggered by a single, seemingly innocent click on a website CAPTCHA. The compromise underscores a harsh reality: deploying advanced security tools does not guarantee security coverage or effective threat…
-
Hackers Exploit Tuoni C2 Framework to Stealthily Deploy In-Memory Payloads
In October 2025, Morphisec’s anti-ransomware prevention platform detected and neutralized a sophisticated cyberattack targeting a major U.S. real estate company. The campaign showcased the emerging threat posed by the Tuoni C2 framework, a free, modular command-and-control tool designed to deliver stealthy, in-memory payloads while evading traditional security defenses. What made this attack particularly notable was the…
-
UK Exposes Bulletproof Hosting Operator Linked to LockBit and Evil Corp
The operator, Alexander Volosovik, also known as “Yalishanda”, “Downlow” and “Stas_vl,” ran a long-running bulletproof hosting operation used by top ransomware groups. First seen on hackread.com Jump to article: hackread.com/uk-bulletproof-hosting-operator-lockbit-evil-corp/
-
US, allies sanction Russian bulletproof hosting services for ransomware support
A popular Russian bulletproof hosting service provider named Media Land was sanctioned by the U.S. Treasury and international partners for its alleged support of ransomware gangs and other cybercriminal operations. First seen on therecord.media Jump to article: therecord.media/bulletproof-hosting-sanctions-ransomware
-
Fake CAPTCHA Triggers 42-Day Akira Ransomware Attack
A fake CAPTCHA click led to a 42-day Akira ransomware breach that went largely undetected despite extensive security tooling. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fake-captcha-triggers-42-day-akira-ransomware-attack/
-
US, allies sanction Russian bulletproof hosting firm
Authorities say the company helped ransomware gangs and supported DDoS attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russian-bulletproof-hosting-company-sanctions-us-australia-uk/805911/
-
US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks
The newly imposed sanctions target Russian-based web host Media Land, which officials say is linked to LockBit and BlackSuit ransomware attacks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/19/us-uk-and-australia-sanction-russian-bulletproof-web-host-used-in-ransomware-attacks/
-
VeeamPlatform v13 aims to become the new standard for cyber resilience, data protection, and AI-powered intelligence
Veeam is launching Veeam-Data-Platform v13, an innovative evolution that redefines the standard for cyber resilience, intelligent data protection and data freedom in the age of AI. This version represents a fundamental innovation of the industry's most trusted data platform. Veeam-Data-Platform v13 was developed to address contemporary challenges such as relentless ransomware attacks, rapid changes in digital infrastructure and ongoing AI innovations […]…
-
US, Allies Sanction Russian Bulletproof Ransomware Host
Treasury Links Russian Bulletproof Host Network to Prolific Ransomware Operations. The U.S., U.K. and Australia sanctioned Russian bulletproof host Media Land for supporting major ransomware gangs like LockBit and Play, a move paired with new global guidance urging internet service providers to tighten access controls and disrupt cybercrime infrastructure. First seen on govinfosecurity.com Jump to…
-
Russian bulletproof hosting provider sanctioned over ransomware ties
Today, the United States, the United Kingdom, and Australia announced sanctions targeting Russian bulletproof hosting (BPH) providers that have supported ransomware gangs and other cybercrime operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-russian-bulletproof-hosting-provider-media-land-over-ransomware-ties/
-
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/meet-shinysp1d3r-new-ransomware-as-a-service-created-by-shinyhunters/
-
Half of Ransomware Access Due to Hijacked VPN Credentials
Beazley Security data finds the top cause of initial access for ransomware in Q3 was compromised VPN credentials. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/half-ransomware-access-hijacked/
-
Updated Response to CISA Advisory (AA24-109A): #StopRansomware: Akira Ransomware
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA24-109A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the Akira ransomware group, identified through FBI investigations as recently as November 2025. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/updated-response-to-cisa-advisory-aa24-109a-stopransomware-akira-ransomware/
-
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack
The Pennsylvania Office of the Attorney General (“OAG”)…
-
LG battery subsidiary says ransomware attack targeted overseas facility
A “specific overseas facility” fell prey to a ransomware attack but is now operating normally, according to LG Energy Solution, the South Korean multinational’s battery-making subsidiary. First seen on therecord.media Jump to article: therecord.media/lg-energy-solution-ransomware-incident-battery-maker
-
Everest Ransomware Alleges Major Data Breach Targeting Under Armour
The alleged Everest ransomware breach could expose millions of Under Armour customers to serious security and privacy risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/everest-ransomware-alleges-major-data-breach-targeting-under-armour/
-
Ransomware resilience may be improving in the health sector
A Sophos report on ransomware highlights resilience improvements among healthcare organisations but warns that the wider threat is still live and growing. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634675/Ransomware-resilience-may-be-improving-in-the-health-sector
-
Benchmarking optimizes Kraken ransomware encryption
First seen on scworld.com Jump to article: www.scworld.com/brief/benchmarking-optimizes-kraken-ransomware-encryption
-
Ransomware surged 30% in October
Tags: ransomware. First seen on scworld.com Jump to article: www.scworld.com/brief/ransomware-surge-in-october-implications-for-cybersecurity-landscape
-
Energy sector in hackers' sights
Tags: ai, awareness, bsi, cisa, cyber, cyberattack, cybersecurity, data, ddos, defense, detection, germany, hacker, infrastructure, intelligence, Internet, iot, nis-2, password, ransomware, resilience, risk, risk-analysis, risk-management, soc, threat, ukraine, update, usa, vulnerability. Energy suppliers must protect their systems against increasingly sophisticated cyberattacks. Energy supply is the backbone of modern societies. Power grids, gas pipelines and digital control systems form the foundation for industry, transport and public services. But as digitalization increases, so does the attack surface. In recent years, the energy sector has increasingly been targeted by cybercriminals and state-backed attackers.…
-
Akira group has defrauded $244 million in ransomware payments, says FBI
First seen on scworld.com Jump to article: www.scworld.com/news/akira-group-has-defrauded-244-million-in-ransomware-payments-says-fbi
-
Ransomware remains aggressive and fragmented
The new ransomware report from Check Point Software Technologies shows that the threat from extortion software remains high in the third quarter of 2025 as well. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ransomware-bleibt-aggressiv
-
Threat Actors Use Compromised RDP to Deploy Lynx Ransomware After Deleting Backups
A sophisticated threat actor has orchestrated a multi-stage ransomware attack spanning nine days, leveraging compromised Remote Desktop Protocol (RDP) credentials to infiltrate a corporate network, exfiltrate sensitive data, and deploy Lynx ransomware across critical infrastructure. The attack began with a successful RDP login using pre-compromised credentials, a critical indicator that the threat actor obtained valid…
-
Pennsylvania attorney general says SSNs stolen during August ransomware attack
Social Security numbers and medical information were among the data stolen in an August breach of the networks of Pennsylvania’s attorney general, officials said. First seen on therecord.media Jump to article: therecord.media/pennsylvania-attorney-general-office-data-breach-ssns
-
Yurei Ransomware: Encryption Mechanics, Operational Model, and Data Exfiltration Methods
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria across multiple critical industries. First publicly identified in early September 2025, Yurei operates a traditional ransomware-as-extortion model, infiltrating corporate networks, encrypting sensitive data, destroying backup systems, and leveraging a dedicated…

