-
September was a record month for ransomware attacks in 2023
Ransomware activity in September reached unprecedented levels following a relative lull in August that was still way above regular standards for summer months.
- October 24, 2023
- 03:00 AM
0
-
BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily.
- October 19, 2023
- 05:40 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
ALPHV ransomware gang claims attack on Florida circuit court
The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial Circuit) last week.
- October 09, 2023
- 05:32 PM
- 0
-
MGM Resorts ransomware attack led to $100 million loss, data theft
MGM Resorts reveals that last month's cyberattack cost the company $100 million and allowed the hackers to steal customers' personal information.
- October 06, 2023
- 09:53 AM
- 1
-
Motel One discloses data breach following ransomware attack
The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150 credit cards.
- October 02, 2023
- 11:10 AM
- 0
-
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families in attacks over the past year.
- September 26, 2023
- 05:11 AM
- 0
-
BlackCat ransomware hits Azure Storage with Sphynx encryptor
The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets' Azure cloud storage.
- September 16, 2023
- 10:11 AM
- 0
-
MGM casino's ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.
- September 14, 2023
- 06:52 PM
- 3
-
Japanese watchmaker Seiko breached by BlackCat ransomware gang
The BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese firm earlier this month.
- August 21, 2023
- 10:40 AM
- 0
-
The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice
While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation.
- August 18, 2023
- 05:07 PM
- 0
-
Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom
Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.
- August 17, 2023
- 06:05 PM
- 0
-
The Week in Ransomware - July 28th 2023 - New extortion tactics
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.
- July 28, 2023
- 04:01 PM
- 0
-
New Nitrogen malware pushed via Google Ads for ransomware attacks
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads.
- July 26, 2023
- 11:04 AM
- 0
-
ALPHV ransomware adds data leak API in new extortion strategy
The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks.
- July 26, 2023
- 02:34 AM
- 0
-
The Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscape
This edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it last week, and includes quite a bit of new information, including the return of the Avaddon ransomware gang.
- July 21, 2023
- 04:01 PM
- 2
-
Estée Lauder beauty giant breached by two ransomware gangs
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks.
- July 19, 2023
- 07:51 PM
- 0
-
FIN8 deploys ALPHV ransomware using Sardonic malware variant
A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version.
- July 18, 2023
- 09:15 AM
- 0
-
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads
The BlackCat ransomware group (aka ALPHV) is running malvertizing campaigns to lure people into fake pages that mimic the official website of the WinSCP file-transfer application for Windows but instead push malware-ridden installers.
- July 01, 2023
- 11:18 AM
- 0
-
The Week in Ransomware - June 23rd 2023 - The Reddit Files
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the main focus.
- June 23, 2023
- 06:49 PM
- 0
-
Reddit hackers threaten to leak data stolen in February breach
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
- June 18, 2023
- 12:01 PM
- 6
0
