-
The Week in Ransomware - May 26th 2023 - Cities Under Attack
Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting cities' online services.
- May 26, 2023
- 04:45 PM
2
-
BlackByte ransomware claims City of Augusta cyberattack
The city of Augusta in Georgia, U.S., has confirmed that the most recent IT system outage was caused by unauthorized access to its network.
- May 26, 2023
- 09:27 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
The Week in Ransomware - October 21st 2022 - Stop the Presses
Cybersecurity researchers did not disappoint, with reports linking RansomCartel to REvil, on OldGremlin hackers targeting Russia with ransomware, a new data exfiltration tool used by BlackByte, a warning that ransomware actors are exploiting VMware vulnerabilities, and finally, our own report on the Venus Ransomware.
- October 21, 2022
- 06:29 PM
- 2
-
BlackByte ransomware uses new data theft tool for double-extortion
A BlackByte ransomware affiliate is using a new custom data stealing tool called 'ExByte' to steal data from compromised Windows devices quickly.
- October 21, 2022
- 06:00 AM
- 0
-
The Week in Ransomware - October 7th 2022 - A 20 year sentence
It was a very quiet week regarding ransomware news, with the most significant news being the sentencing of a Netwalker affiliate to 20-years in prison.
- October 07, 2022
- 06:14 PM
- 0
-
BlackByte ransomware abuses legit driver to disable security products
The BlackByte ransomware gang is using a new technique that researchers are calling "Bring Your Own Driver," which enables bypassing protections by disabling more than 1,000 drivers used by various security solutions.
- October 05, 2022
- 03:44 PM
- 0
-
San Francisco 49ers: Blackbyte ransomware gang stole info of 20K people
NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year.
- September 02, 2022
- 09:12 AM
- 0
-
The Week in Ransomware - August 19th 2022 - Evolving extortion tactics
Bringing you the latest ransomware news, including new research, tactics, and cyberattacks. We also saw the return of the BlackByte ransomware operation, who has started to use new extortion tactics.
- August 19, 2022
- 07:08 PM
- 0
-
BlackByte ransomware gang is back with new extortion tactics
The BlackByte ransomware is back with version 2.0 of their operation, including a new data leak site utilizing new extortion techniques borrowed from LockBit.
- August 17, 2022
- 05:28 PM
- 0
-
The Week in Ransomware - February 18th 2022 - Mergers & Acquisitions
The big news this week is that the Conti ransomware gang has recruited the core developers and managers of the TrickBot group, the developers of the notorious TrickBot malware.
- February 18, 2022
- 06:17 PM
- 0
-
FBI: BlackByte ransomware breached US critical infrastructure
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.
- February 14, 2022
- 10:41 AM
- 0
-
NFL's San Francisco 49ers hit by Blackbyte ransomware attack
The NFL's San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization.
- February 13, 2022
- 08:22 AM
- 0
-
The Week in Ransomware - December 3rd 2021 - Seizing Bitcoin
For this week's 'Week in Ransomware' article we have included the latest ransomware news over the past two weeks.
- December 03, 2021
- 06:34 PM
- 0
-
Microsoft Exchange servers hacked to deploy BlackByte ransomware
BlackByte ransomware actors were observed exploiting the ProxyShell set of vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) to compromise Microsoft Exchange servers.
- December 01, 2021
- 11:21 AM
- 1
-
BlackByte ransomware decryptor released to recover files for free
A free decryptor for the BlackByte ransomware has been released, allowing past victims to recover their files for free.
- October 19, 2021
- 10:51 AM
- 2
