Tag: ransomware
-
How Ransomware Attacks Leverage Cyber Insurance Policies
Ransomware attacks continue to evolve into sophisticated strategic and psychological operations. Threat actors are always seeking ways to maximize their illicit gains, and they’ve now discovered a powerful piece to leverage: a company’s cyber insurance policy. When attackers gain access to cyber policy details, they come to a ransomware negotiation already holding some of their..…
-
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks
The alleged cybersecurity turncoats attacked at least five U.S. companies while working for their respective employers, officials said. First seen on cyberscoop.com Jump to article: cyberscoop.com/incident-response-ransomware-professionals-charged-attacks/
-
How Ransomware Attacks Leverage Cyber Insurance Policies
Ransomware attacks continue to evolve into sophisticated strategic and psychological operations. Threat actors are always seeking ways to maximize their illicit gains, and they’ve now discovered a powerful piece to leverage: a company’s cyber insurance policy. When attackers gain access to cyber policy details, they come to a ransomware negotiation already holding some of their..…
-
DOJ accuses US ransomware negotiators of launching their own ransomware attacks
Three people, including two U.S. ransomware negotiators, are accused of working on behalf of the ALPHV/BlackCat ransomware gang. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/03/doj-accuses-us-ransomware-negotiators-of-launching-their-own-ransomware-attacks/
-
US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks/
-
Europe second only to North America for cyber attacks
Europe faces rising cyber threats from criminals and nation-states, according to CrowdStrike. Ransomware attacks now take just 24 hours, with 22% of global victims being European First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634112/CrowdStrike-Europe-second-only-to-North-America-for-cyber-attacks
-
Ongoing Ransomware Attacks Exploit Critical Linux Kernel Vulnerability (CVE-2024-1086)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a serious warning after confirming that a critical flaw in the Linux Kerne First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-warns-of-cve-2024-1086/
-
Ongoing Ransomware Attacks Exploit Critical Linux Kernel Vulnerability (CVE-2024-1086)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a serious warning after confirming that a critical flaw in the Linux Kerne First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-warns-of-cve-2024-1086/
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
âš¡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More
Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems”, some just hours after being found. No system was fully safe.From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted…
-
Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
Identifying forensic signals: The campaigns that leverage trusted certificates undermine the trust model enterprises rely on. Signed malware bypasses app-allow lists, browser warnings, OS checks, and antivirus assumptions about signed code. When the file poses as Teams or PuTTY, employees don’t hesitate to download it as it looks normal.”Once inside, the malware runs with fewer…
-
Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
Identifying forensic signals: The campaigns that leverage trusted certificates undermine the trust model enterprises rely on. Signed malware bypasses app-allow lists, browser warnings, OS checks, and antivirus assumptions about signed code. When the file poses as Teams or PuTTY, employees don’t hesitate to download it as it looks normal.”Once inside, the malware runs with fewer…
-
Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
Identifying forensic signals: The campaigns that leverage trusted certificates undermine the trust model enterprises rely on. Signed malware bypasses app-allow lists, browser warnings, OS checks, and antivirus assumptions about signed code. When the file poses as Teams or PuTTY, employees don’t hesitate to download it as it looks normal.”Once inside, the malware runs with fewer…
-
Conti Suspect in Court After Extradition From Ireland
Ukrainian national Oleksii Oleksiyovych Lytvynenko has appeared in a US court in connection with Conti ransomware charges First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/conti-suspect-court-extradition/
-
Leak Site Ransomware Victims Spike 13% in a Year
CrowdStrike data reveals a 13% annual increase in the number of European ransomware victims in 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/leak-site-ransomware-victims-spike/
-
Conti Ransomware Operator Extradited to the United States
A Ukrainian national accused of participating in one of the most damaging ransomware campaigns in history has been extradited from Ireland to face charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, appeared in federal court in Tennessee following his transfer from Irish custody, where he had been held since his arrest in July 2023.…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69
Tags: attack, data-breach, hacking, international, linux, malware, ransomware, threat, tool, windowsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases Mem3nt0 mori The Hacking Team is back! Insider Threats Loom […]…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69
Tags: attack, data-breach, hacking, international, linux, malware, ransomware, threat, tool, windowsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases Mem3nt0 mori The Hacking Team is back! Insider Threats Loom […]…
-
Ukrainian extradited to US over Conti ransomware involvement
Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to the US, faces charges for alleged involvement in Conti ransomware attacks after fleeing Ukraine in 2022. The man appeared in a US court and was charged with…
-
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dark web leak site, threatening to release the stolen information unless a ransom demand is met. This incident…
-
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, linux, ransomware, threat, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively leveraging the security vulnerability in ransomware campaigns targeting organizations worldwide. The vulnerability, tracked as CVE-2024-1086, represents a significant threat to Linux-based systems and requires immediate attention from cybersecurity teams.…
-
AdaptixC2: When Open-Source Tools Become Weapons
Cybercriminals are turning AdaptixC2, an open-source security tool, into a weapon for ransomware attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/adaptixc2-when-open-source-tools-become-weapons/
-
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
Oleksii Lytvynenko, 43, was arrested in Ireland in 2023 and extradited to the U.S. earlier this month. He pleaded not guilty in federal court Thursday. First seen on cyberscoop.com Jump to article: cyberscoop.com/ukrainian-oleksii-lytvynenko-conti-ransomware-extradited/
-
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks
CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity Linux kernel flaw introduced in 2014 and patched in January 2024. CISA didn’t provide details about the ransomware attacks exploiting the flaw or name…
-
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
Oleksii Lytvynenko, 43, was arrested in Ireland in 2023 and extradited to the U.S. earlier this month. He pleaded not guilty in federal court Thursday. First seen on cyberscoop.com Jump to article: cyberscoop.com/ukrainian-oleksii-lytvynenko-conti-ransomware-extradited/