Tag: ransomware
-
So macht man Ransomware das Leben schwer
Künstliche Intelligenz erfordert nicht nur leistungsstarke, sondern auch resiliente Speicherinfrastrukturen. Mit den richtigen Maßnahmen können Unternehmen Cybersicherheit von Grund auf integrieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ransomware-macht-das-leben-schwer
-
Ransomware-Trends 2026: Weniger Hackergruppen – dafür brutal effizient
Cyberkriminelle agieren 2026 gezielter, schneller und professioneller als je zuvor. Das zeigt der Ransomware Report Q1 2026 von Check Point Software Technologies. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ransomware-trends-2026-weniger-hackergruppen-dafuer-brutal-effizient/a45237/
-
WantToCry Ransomware Exploits SMB to Encrypt Remote Files
A new ransomware campaign named “WantToCry” that leverages exposed Server Message Block (SMB) services to gain access and encrypt victim data without deploying traditional malware on compromised systems. This approach significantly reduces the detection surface, making it harder for conventional security tools to identify the attack. The name “WantToCry” appears to reference the infamous WannaCry…
-
Why Smaller Healthcare Providers Remain Easy Targets
Recent Hacks Underscore Persistent and Growing Threats to Smaller Organizations. Small and mid-sized healthcare organizations – including medical specialty practices and regional clinics – continue to fall victim disproportionately to hacking incidents, including ransomware attacks and data thefts – affecting large populations of patients. Why does this keep happening? First seen on govinfosecurity.com Jump to…
-
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/
-
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft disrupted the Fox Tempest operation after attackers abused Azure Artifact Signing to distribute malware disguised as trusted software. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/microsoft-disrupts-malware-signing-service-used-by-ransomware-gangs/
-
Microsoft disrupts cybercrime operation that hid behind legitimate software
The Fox Tempest malware-signing-as-a-service operation was linked to numerous ransomware attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-disrupts-cybercrime-hid-legitimate-software/820724/
-
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world.The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS…
-
Fox Tempest Linked to Malware-Signing Service Abusing Microsoft Artifact Signing
Tags: cyber, cybercrime, group, intelligence, malicious, malware, microsoft, ransomware, service, software, threatFox Tempest, a financially motivated threat actor, has been linked to a large-scale malware-signing-as-a-service (MSaaS) operation that abused Microsoft’s Artefact Signing platform to enable cybercriminals to distribute malicious software that appeared to be trusted. According to Microsoft Threat Intelligence, the group enabled ransomware campaigns and malware distribution by generating fraudulent but valid code-signing certificates, allowing…
-
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/
-
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company’s Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/
-
AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines
DragonForce claims it stole 390GB from AdvancedHEALTH, including patient data and minors’ records, as breach notices and legal scrutiny begin. The post AdvancedHEALTH Ransomware Claim Includes 2.3M Patient Data Lines appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-advancedhealth-ransomware-patient-data-claim/
-
Microsoft disrupts Fox Tempest malware-signing-asservice platform tied to ransomware gangs
The company unsealed a legal case in U.S. District Court on Tuesday detailing the disruption of Fox Tempest, a popular service that has operated since May 2025 and provides cybercriminals with code signing tools. First seen on therecord.media Jump to article: therecord.media/microsoft-disrupts-fox-tempest-malware-signing-service
-
Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-takes-down-fox-tempest/
-
Microsoft disrupts cybercrime service that abused software verification systems en masse
Fox Tempest, a financially-motivated threat group, allowed ransomware operators and other cybercriminals to slip malware-laced software past security controls. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-digital-crimes-unit-disrupts-fox-tempest/
-
Verizon Breach Report: Vulnerability Exploitation Surges
Tags: access, breach, data, data-breach, exploit, hacker, Hardware, ransomware, software, update, vulnerabilityPatch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIR. The frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim’s environment continues to surge, and half of all successful breaches also now involve some type of ransomware action, according Verizon’s 2026 Data Breach Investigations Report. First…
-
Gentlemen Ransomware Targets Windows, Linux, NAS, BSD, and ESXi Systems
The Gentlemen ransomware operation has rapidly emerged as one of the most active and scalable cybercrime threats since its public appearance in the second half of 2025. The Gentlemen stands out for its ability to target a wide range of enterprise systems, including Windows, Linux, NAS, BSD, and VMware ESXi environments. This lineage suggests the…
-
Wachsende Verwundbarkeit des Wirtschaftsstandorts Deutschland
Die wichtigsten Punkte im Überblick: Die Zahl der auf Leak-Seiten veröffentlichten Ransomware-Fälle in Deutschland stieg 2025 um 92 Prozent. Diese Entwicklung ist ein deutliches Warnsignal für die Verwundbarkeit des Wirtschaftsstandorts Deutschland. Cybererpressung hat sich zu einem professionalisierten und industrialisierten Geschäftsmodell entwickelt. Unternehmen stehen gleichzeitig unter Druck durch steigende Bedrohungen und komplexe Regulierungen wie NIS2, DORA……
-
Fokus auf Großunternehmen Druck auf IT-Abteilungen ist enorm
Tags: ransomwareFirst seen on security-insider.de Jump to article: www.security-insider.de/sophos-report-2025-ransomware-druck-personalmangel-a-53c1b739466abd0477b06a0c425c9a33/
-
The Gentlemen Ransomware Gang Hit by Internal Breach, Operations Exposed
The Gentlemen ransomware gang suffered an internal breach in May 2026, exposing victim data, affiliate activity, and backend operations. First seen on hackread.com Jump to article: hackread.com/the-gentlemen-ransomware-gang-breach-op-exposed/
-
The Gentlemen Ransomware Gang Hit by Internal Breach, Operations Exposed
The Gentlemen ransomware gang suffered an internal breach in May 2026, exposing victim data, affiliate activity, and backend operations. First seen on hackread.com Jump to article: hackread.com/the-gentlemen-ransomware-gang-breach-op-exposed/
-
When ransomware hits, confidence doesn’t restore endpoints
Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/absolute-security-cisos-ransomware-pressure-report/
-
Ransomware-Gruppe ‘Nitrogen” hat Foxconn-Werk in den USA angegriffen
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ransomware-gruppe-nitrogen-foxconn-werk-usa-angriff
-
Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?
Businesses are advised against paying but many are prepared to deal to protect users’ privacyAfter a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and school login pages being defaced by hackers, the US tech firm Instructure which operates the education platform Canvas, used by education providers worldwide announced…
-
Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording
Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-cybercriminal-twins-caught-after-they-forgot-to-turn-off-microsoft-teams-recording/
-
ISMG Editors: Should We Trust Ransomware Gangs?
Ransomware Payouts, AI-Driven Threats and Reshaping Payment Fraud. In this week’s panel, four ISMG editors discussed a ransomware case that once again raises questions about paying extortionists, why security leaders fear AI is accelerating attacks faster than humans can respond and how the rise of instant payments is reshaping fraud programs at banks. First seen…
-
AI Exploits, Ransomware Breaches, and Cloud Security Gaps Define this Week in May 2026
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-exploits-ransomware-breaches-and-cloud-security-gaps-define-this-week-in-may-2026/
-
Gunra Ransomware Expands RaaS After Conti Locker Shift
Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS) model. First discovered in April 2025, the group initially targeted a small number of victims, but its recent operational changes have significantly increased its reach and impact across industries. Gunra first…