-
US cybersecurity experts plead guilty to BlackCat ransomware attacks
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint have pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023.
- December 30, 2025
- 10:25 AM
2
-
Ukrainian hacker admits affiliate role in Nefilim ransomware gang
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries.
- December 22, 2025
- 04:46 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
LockBit ransomware gang hacked, victim negotiations exposed
The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump.
- May 07, 2025
- 08:06 PM
- 1
-
Ukrainian extradited to US for Nefilim ransomware attacks
A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies.
- May 01, 2025
- 03:44 PM
- 0
-
RansomHub ransomware uses new Betruger ‘multi-function’ backdoor
Security researchers have linked a new backdoor dubbed Betruger, deployed in several recent ransomware attacks, to an affiliate of the RansomHub operation.
- March 20, 2025
- 12:31 PM
- 0
-
Romanian Netwalker ransomware affiliate sentenced to 20 years in prison
Daniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June.
- December 20, 2024
- 02:56 AM
- 0
-
Police arrest four suspects linked to LockBit ransomware gang
Law enforcement authorities from 12 countries arrested four suspects linked to the LockBit ransomware gang, including a developer, a bulletproof hosting service administrator, and two people connected to LockBit activity.
- October 01, 2024
- 11:36 AM
- 3
-
Russians plead guilty to involvement in LockBit ransomware attacks
Two Russian individuals admitted to participating in many LockBit ransomware attacks, which targeted victims worldwide and across the United States.
- July 19, 2024
- 07:31 AM
- 0
-
Police arrest Conti and LockBit ransomware crypter specialist
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.
- June 12, 2024
- 09:42 AM
- 2
-
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption.
- February 28, 2024
- 01:31 PM
- 0
-
The Week in Ransomware - December 29th 2023 - LockBit targets hospitals
It's been a quiet week, with even threat actors appearing to take some time off for the holidays. We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals.
- December 29, 2023
- 03:39 PM
- 0
-
LockBit ransomware now poaching BlackCat, NoEscape affiliates
The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams.
- December 13, 2023
- 01:22 PM
- 0
-
The Week in Ransomware - December 1st 2023 - Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries.
- December 01, 2023
- 05:11 PM
- 1
-
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families in attacks over the past year.
- September 26, 2023
- 05:11 AM
- 0
-
The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice
While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation.
- August 18, 2023
- 05:07 PM
- 0
-
Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit ransomware on the networks of victims in the United States and abroad.
- June 15, 2023
- 01:33 PM
- 1
-
Ransomware gang apologizes, gives SickKids hospital free decryptor
The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children (SickKids), saying one of its members violated rules by attacking the healthcare organization.
- January 01, 2023
- 02:00 PM
- 8
-
Netwalker ransomware affiliate sentenced to 20 years in prison
Former Netwalker ransomware affiliate Sebastien Vachon-Desjardins has been sentenced to 20 years in prison and demanded to forfeit $21.5 million for his attacks on a Tampa company and other entities.
- October 04, 2022
- 04:10 PM
- 2
-
Microsoft: Exchange servers hacked to deploy BlackCat ransomware
Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities.
- June 13, 2022
- 01:14 PM
- 0
-
REvil ransomware member extradited to U.S. to stand trial for Kaseya attack
The U.S. Department of Justice announced that alleged REvil ransomware affiliate, Yaroslav Vasinskyi, was extradited to the United States last week to stand trial for the Kaseya cyberattack.
- March 10, 2022
- 01:23 PM
- 0
0
