Tag: ransomware
-
Marquis sues SonicWall over backup breach that led to ransomware attack
Marquis Software Solutions has filed a lawsuit against SonicWall, accusing the cybersecurity company of gross negligence and misrepresentation that allegedly led to a ransomware attack disrupting operations at 74 U.S. banks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-sues-sonicwall-over-backup-breach-that-led-to-ransomware-attack/
-
Moscow man accused of posing as FSB officer to extort Conti ransomware gang
A Moscow resident has been accused of trying to extort money from the notorious Conti ransomware group by posing as an officer of Russia’s Federal Security Service, according to local media reports. First seen on therecord.media Jump to article: therecord.media/moscow-man-accused-of-extorting-conti-gang
-
Marquis Accuses SonicWall of Security Lapses; Ties it to Ransomware Attack
A legal dispute is intensifying in Texas as fintech firm Marquis sues its firewall provider, SonicWall, alleging that security failures within the company’s cloud backup service directly contributed to a far-reaching ransomware attack. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/marquis-sues-sonicwall-ransomware/
-
Lazarus APT group deployed Medusa Ransomware against Middle East target
North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed organization in the Middle East, according to a new report from the Symantec and Carbon Black…
-
Threat Actors Exploit Apache ActiveMQ Vulnerability to Gain RDP Access, Deploy LockBit Ransomware
Threat actors recently abused a critical Apache ActiveMQ vulnerability to gain deep access to a Windows environment, eventually deploying LockBit ransomware over RDP. The attack shows how failing to patch CVE-2023-46604 can give adversaries repeat access and time to turn an initial foothold into full-domain impact. The exploit loaded a malicious Java Spring bean configuration XML file,…
-
North Korea’s Lazarus Group targets healthcare orgs with Medusa ransomware
New ransomware of choice, same critical targets First seen on theregister.com Jump to article: www.theregister.com/2026/02/24/north_koreas_lazarus_group_healthcare_medusa_ransomware/
-
Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack
Fintech giant Marquis is suing its firewall provider SonicWall, claiming that an earlier breach with SonicWall allowed hackers to deploy ransomware on Marquis’ network. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/24/marquis-sonicwall-lawsuit-ransomware-firewall-breach/
-
Why cyber resilience is a central competitive factor and a matter for top management
The threat situation is and remains not only tense, it is also continuing to worsen. Increasingly professionalized attack structures and advancing automation, coupled with attack methods that remain extremely efficient, such as ransomware, paint a clear overall picture: German mid-sized businesses in particular, and above all the manufacturing sector, are under considerable pressure to act when it comes to ensuring cybersecurity. […] First…
-
UAE claims it stopped ‘terrorist’ ransomware attack
The country’s Cyber Security Council published a statement on Saturday that said they “successfully thwarted organized cyberattacks of a terrorist nature that targeted the country’s digital infrastructure and vital sectors in an attempt to destabilize the nation and disrupt essential services.” First seen on therecord.media Jump to article: therecord.media/uae-claims-it-stopped-terrorist-ransomware-attack
-
North Korean Lazarus Group Expands Ransomware Activity With Medusa
Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-lazarus-group-medusa/
-
North Korean Hackers Continue to Target US Healthcare
Tags: attack, extortion, group, hacker, healthcare, intelligence, lazarus, north-korea, ransomware, threat
Report: Lazarus Group Pivoting to Medusa Ransomware for Extortion Attacks. North Korean state-backed Lazarus Group hackers are using Medusa ransomware in extortion attacks on U.S. healthcare entities despite a 2024 U.S. indictment of Rim Jong Hyok, an alleged member of the Lazarus subgroup Stonefly, according to a new threat intelligence report. First seen on govinfosecurity.com…
-
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Tags: attack, group, healthcare, intelligence, korea, lazarus, middle-east, north-korea, ransomware, threat
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom’s threat intelligence division said it also identified the same threat actors mounting an unsuccessful…
-
North Korean state hackers seen using Medusa ransomware in attacks on US, Middle East
Tags: attack, country, cybersecurity, hacker, hacking, healthcare, lazarus, middle-east, military, north-korea, ransomware
Cybersecurity researchers said they saw Medusa attacks launched by members of Lazarus, a well-known North Korean hacking operation housed within the country’s military, against a company in the Middle East and a healthcare organization in the U.S. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-using-medusa-ransomware
-
North Korean Lazarus group linked to Medusa ransomware attacks
North Korean state-backed hackers associated with the Lazarus threat group are targeting U.S. healthcare organizations in extortion attacks using the Medusa ransomware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-lazarus-group-linked-to-medusa-ransomware-attacks/
-
Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans
A massive data breach at business services giant Conduent has compromised the sensitive personal information of over 25 million Americans, making it one of the largest cybersecurity incidents in recent history. The breach, which went undetected for nearly three months, involves the exfiltration of approximately 8 terabytes of data by the SafePay ransomware group. While…
-
Double extortion is now standard
Ransomware attacks have long ceased to be isolated cases that affect only large companies. In 2026 they rank among the most persistent and costly cyber threats worldwide, affecting companies, public institutions and private users alike. Current figures show, among other things: more than 1.3 million ransomware attacks targeted the USA in 2024. 74% of incidents involved data exfiltration,… First seen…
-
Everest ransomware hits Vikor Scientific’s supplier, data of 140,000 patients stolen
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of…
-
So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second.
Explore the complexities of cyber insurance, including common claim denials, coverage disputes, and evolving risks like ransomware, AI fraud, and BEC. Learn how to navigate insurance ecosystems to secure reliable coverage that stands firm in loss situations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/so-you-think-you-have-cyber-insurance-the-breach-is-only-the-first-incident-the-claim-is-the-second/
-
The rise of the evasive adversary
Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-day
Big game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape. Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…
-
74 percent of ransomware incidents involve data exfiltration
Tags: ransomware
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/74-prozent-ransomware-vorfalle-datenexfiltration
-
600+ FortiGate Devices Hacked by AI-Armed Amateur
A Russian-speaking hacker used generative AI to compromise the FortiGate firewalls, targeting credentials and backups for possible follow-on ransomware attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/600-fortigate-devices-hacked-ai-amateur
-
Air Côte d’Ivoire confirms cyberattack following ransomware claims
Air Côte d’Ivoire did not respond to requests for comment but released a statement on Friday confirming reports that hackers had breached its systems on February 8. Last week, the INC ransomware gang claimed it stole 208 GB of data from the airline. First seen on therecord.media Jump to article: therecord.media/air-cote-divoire-confirms-cyberattack
-
Ransomware, Zero-Days, and Data Breaches Shape This Week’s Cybersecurity Landscape
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ransomware-zero-days-and-data-breaches-shape-this-weeks-cybersecurity-landscape/
-
Ransomware attacks on German companies reach new record high
Ransomware attacks have increased worldwide in recent years, and German companies are no exception. The number of attacks has reached a new record high, which is alarming IT experts and security officers. Ransomware is one of the most dangerous threats to companies, as it can paralyze systems and encrypt sensitive data. According to current reports, the number of ransomware attacks in Germany…
-
Japanese chip-testing toolmaker Advantest suffers ransomware attack
Japanese tech testing company Advantest has suffered a ransomware attack, the company confirmed last Thursday, after detecting unusual activity within its IT environment on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/23/advantest-suffers-ransomware-attack/
-
Ransomware gangs advancing Moscow’s geopolitical aims, Romanian cyber chief warns
Recent ransomware attacks targeting Romania’s critical infrastructure were likely part of a broader Russian hybrid operation aimed at undermining the country’s stability, Romania’s top cybersecurity official said. First seen on therecord.media Jump to article: therecord.media/ransomware-gangs-advancing-moscow-geopolitical-interests-warns-romania
-
Leading Semiconductor Supplier Advantest Hit by Ransomware Attack
Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/advantest-ransomware-attack/
-
Ransomware Readiness is the Difference Between A Bad Day at Work and No More Workplace
Ransomware is now a routine business risk. True resilience comes from governance, tested incident response plans, recovery readiness, legal preparation, and trained leadership, not just security technology. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ransomware-readiness-is-the-difference-between-a-bad-day-at-work-and-no-more-workplace/

