-
Notorious FIN7 hackers sell EDR killer to other threat actors
The notorious FIN7 hacking group has been spotted selling its custom "AvNeutralizer" tool, used to evade detection by killing enterprise endpoint protection software on corporate networks.
- July 17, 2024
- 05:11 PM
0
-
ALPHV ransomware site outage rumored to be caused by law enforcement
A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours.
- December 08, 2023
- 01:30 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an auto-attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size.
- December 22, 2022
- 08:00 AM
- 0
-
BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs
The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation.
- February 05, 2022
- 05:29 PM
- 2
-
The Week in Ransomware - November 5th 2021 - Placing bounties
Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shut down of criminal operations.
- November 05, 2021
- 06:05 PM
- 0
-
US targets DarkSide ransomware and its rebrands with $10 million reward
The US government is targeting the DarkSide ransomware and its rebrands with up to a $10,000,000 reward for information leading to the identification or arrest of members of the operation.
- November 04, 2021
- 05:00 PM
- 2
-
BlackMatter ransomware claims to be shutting down due to police pressure
The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations.
- November 03, 2021
- 01:59 AM
- 0
-
BlackMatter ransomware victims quietly helped using secret decryptor
Cybersecurity firm Emsisoft has been secretly decrypting BlackMatter ransomware victims since this summer, saving victims millions of dollars.
- October 24, 2021
- 11:27 AM
- 1
-
The Week in Ransomware - October 22nd 2021 - Striking back
Between law enforcement operations, REvil's second shut down, and ransomware gangs' response to the hacking of their servers, it has been quite the week.
- October 22, 2021
- 05:47 PM
- 0
-
DarkSide ransomware rushes to cash out $7 million in Bitcoin
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster.
- October 22, 2021
- 02:02 PM
- 0
-
FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates.
- October 18, 2021
- 06:03 PM
- 0
-
US farmer cooperative hit by $5.9M BlackMatter ransomware attack
U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor.
- September 20, 2021
- 02:07 PM
- 1
-
Colonial Pipeline reports data breach after May ransomware attack
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May.
- August 16, 2021
- 07:23 AM
- 0
-
The Week in Ransomware - August 6th 2021 - Insider threat edition
If there is one thing we learned this week, it's that not only are corporations vulnerable to insider threats but so are ransomware operations.
- August 06, 2021
- 05:16 PM
- 1
-
Linux version of BlackMatter ransomware targets VMware ESXi servers
The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform.
- August 05, 2021
- 05:32 PM
- 0
-
DarkSide ransomware gang returns as new BlackMatter operation
Encryption algorithms found in a decryptor show that the notorious DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation and is actively performing attacks on corporate entities.
- July 31, 2021
- 03:13 PM
- 1
-
BlackMatter ransomware gang rises from the ashes of DarkSide, REvil
A new ransomware gang named BlackMatter is purchasing access to corporate networks while claiming to include the best features from the notorious and now-defunct REvil and DarkSide operations.
- July 31, 2021
- 11:12 AM
- 3
-
Fashion retailer Guess discloses data breach after ransomware attack
American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft.
- July 12, 2021
- 12:33 PM
- 0
-
US chemical distributor shares info on DarkSide ransomware data theft
World-leading chemical distribution company Brenntag has shared additional info on what data was stolen from its network by DarkSide ransomware operators during an attack from late April 2021 that targeted its North America division.
- July 03, 2021
- 10:00 AM
- 0
-
Fake DarkSide gang targets energy, food industry in extortion emails
Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors.
- June 18, 2021
- 12:48 PM
- 0
0
