Tag: ransomware
-
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Tags: cyber, data-breach, encryption, flaw, group, malware, ransomware, software, threat, vulnerability
Acronis Threat Research Unit has analyzed recent activity linked to the DragonForce ransomware group and identified a new malware variant in the wild. The latest sample uses vulnerable drivers such as truesight.sys and rentdrv2.sys to disable security software, terminate protected processes and correct encryption flaws previously associated with Akira ransomware. The updated encryption scheme addresses…
-
Apache OpenOffice disputes data breach claims by ransomware gang
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/
-
Cyber Defenders Gone Rogue: Experts Charged in Ransomware Scheme
Cybersecurity experts allegedly turned rogue, using BlackCat ransomware to attack companies. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cyber-defenders-gone-rogue-experts-charged-in-ransomware-scheme/
-
U.S. Prosecutors Indict Cybersecurity Insiders in BlackCat Ransomware Attacks
Federal prosecutors in the United States have charged three individuals for allegedly carrying out a series of ransomware attacks targeting five U.S. companies using BlackCat ransomware, also known as ALPHV, between May and November 2023. The attacks reportedly aimed to extort large sums from the victims, including medical, engineering, pharmaceutical, and technology organizations. First seen on thecyberexpress.com Jump to…
-
Cybersecurity experts charged with running BlackCat ransomware operation
Tags: attack, breach, computer, crypto, cybersecurity, extortion, finance, group, healthcare, incident response, law, network, office, psychology, ransom, ransomware, risk, service, threat
The victims and the demands: The indictment cited at least five victim organizations: a Florida medical-device company, a Maryland pharmaceutical manufacturer, a California doctor’s office, a California engineering firm, and a Virginia-based drone company. On May 13, 2023, the conspirators allegedly attacked the Florida firm, demanding $10 million and receiving roughly $1.27 million in cryptocurrency.…
-
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
DragonForce, a ransomware group using Conti’s code, has adopted a cartel model to expand and recruit. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-cartel-conti-derived/
-
New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations
Lessons for defenders and platform providers: Microsoft clarified that OpenAI’s platform itself wasn’t breached or exploited; rather, its legitimate API functions were misused as a relay channel, highlighting a growing risk as generative AI becomes part of enterprise and development workflows. Attackers can now co-opt public AI endpoints to mask malicious intent, making detection significantly…
-
Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/04/ransomware-negotiator-alphv-blackcat-ransomware/
-
Ransomware Defense Using the Wazuh Open Source Platform
Tags: access, attack, computer, cyberattack, data, defense, infrastructure, malicious, malware, open-source, ransom, ransomware, software, threat
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide. A ransomware attack typically begins when the malware infiltrates a system through various vectors…
-
Ransom Negotiators Charged: Former Cybersecurity Employees Allegedly Hacked Companies
Tags: ransomware
Three former employees of cybersecurity firms appear to have run an extremely questionable side business. Ransomware was involved. First seen on golem.de Jump to article: www.golem.de/news/ex-mitarbeiter-angeklagt-loesegeldverhandler-wohl-an-cyberangriffen-beteiligt-2511-201802.html
-
Ransomware Gang Abuses Microsoft Certificates
Backdoors that stay open continuously are a free pass for cybercriminals. The Rhysida ransomware gang is notorious particularly in the enterprise environment. Now the criminal hacker collective appears to be taking a new approach, as a report by US security vendor Expel suggests. According to the report, the cybercriminals initially rely on malvertising in their current attack campaign. The malicious ads run through Microsoft's Bing search engine and lead to fake download pages…
-
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed coconspirator (aka “Co-Conspirator 1”) based in Florida, all U.S. nationals, are said to have used the…
-
Former Employees Charged: Ransom Negotiators Apparently Involved in Cyberattacks
Three former employees of cybersecurity firms appear to have run an extremely questionable side business. Ransomware was involved. First seen on golem.de Jump to article: www.golem.de/news/ex-mitarbeiter-angeklagt-loesegeldverhandler-wohl-an-cyberangriffen-beteiligt-2511-201802.html
-
Malicious PuTTY Ads Deliver OysterLoader, Allowing Attackers Full Device and Network Access
The Rhysida ransomware gang has been running a sophisticated malvertising campaign that delivers OysterLoader malware through deceptive search engine advertisements, giving attackers complete access to compromised devices and networks. The Rhysida gang, formerly known as Vice Society before rebranding in 2023, has perfected a dangerous infection chain using paid Bing search advertisements. The gang purchases…
-
Extradition and Indictment of BlackCat (ALPHV) and Conti Gangs
US law enforcement has charged three former employees of cybersecurity companies with involvement in BlackCat (ALPHV) ransomware attacks. And the Ukrainian Oleksii Oleksiyovych Lytvynenko has been extradited to the US for deploying the Conti ransomware. I came across the information in question overnight on X. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/04/auslieferung-und-anklage-von-blackcat-alphv-und-conti-ransomware-gangs/
-
MIT Sloan quietly shelves AI ransomware study after researcher calls BS
Even AI has doubts about the claim that ‘80% of ransomware attacks are AI-driven’ First seen on theregister.com Jump to article: www.theregister.com/2025/11/03/mit_sloan_updates_ai_ransomware_paper/
-
Ransomware negotiator, pay thyself!
Rogues committed extortion while working for infosec firms First seen on theregister.com Jump to article: www.theregister.com/2025/11/03/rogue_ransomware_negotiators/
-
Ransomware negotiator, pay thyself! Rogues committed extortion while working for infosec firms
This is not what people mean when they say: ‘You should get a side hustle’ First seen on theregister.com Jump to article: www.theregister.com/2025/11/03/rogue_ransomware_negotiators/

