-
Royal and BlackSuit ransomware gangs hit over 450 US companies
The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before their infrastructure was dismantled last month.
- August 08, 2025
- 03:36 AM
0
-
FBI: BlackSuit ransomware behind over $500 million in ransom demands
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago.
- August 07, 2024
- 06:26 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang.
- January 20, 2024
- 10:09 AM
- 0
-
FBI: Royal ransomware asked 350 victims to pay $275 million
The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022.
- November 13, 2023
- 03:40 PM
- 0
-
Dallas says Royal ransomware breached its network using stolen account
The City of Dallas, Texas, said this week that the Royal ransomware attack that forced it to shut down all IT systems in May started with a stolen account.
- September 22, 2023
- 04:59 PM
- 0
-
The Week in Ransomware - June 9th 2023 - It’s Clop... Again!
The week was dominated by fallout over the MOVEit Transfer data-theft attacks, with the Clop ransomware gang confirming that they were behind them.
- June 09, 2023
- 06:44 PM
- 0
-
Royal ransomware gang adds BlackSuit encryptor to their arsenal
The Royal ransomware gang has begun testing a new encryptor called BlackSuit that shares many similarities with the operation's usual encryptor.
- June 08, 2023
- 03:12 AM
- 0
-
The Week in Ransomware - June 2nd 2023 - Whodunit?
It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks. However, we may have a rebrand in the making, and a ransomware operation is likely behind a new zero-day data-theft campaign, so we have some news to talk about.
- June 02, 2023
- 05:47 PM
- 0
-
The Week in Ransomware - May 5th 2023 - Targeting the public sector
This week's ransomware news has been dominated by a Royal ransomware attack on the City of Dallas that took down part of the IT infrastructure.
- May 05, 2023
- 04:07 PM
- 0
-
City of Dallas hit by Royal ransomware attack impacting IT services
The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT systems to prevent the attack's spread.
- May 03, 2023
- 06:13 PM
- 8
-
March 2023 broke ransomware attack records with 459 incidents
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022.
- April 19, 2023
- 03:00 AM
- 0
-
FBI and CISA warn of increasing Royal ransomware attack risks
CISA and the FBI have issued a joint advisory highlighting the increasing threat behind ongoing Royal ransomware attacks targeting many U.S. critical infrastructure sectors, including healthcare, communications, and education.
- March 03, 2023
- 11:20 AM
- 0
-
Linux version of Royal Ransomware targets VMware ESXi servers
Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines.
- February 05, 2023
- 10:15 AM
- 2
-
The Week in Ransomware - February 3rd 2023 - Ending with a mess
While the week started slowly, it turned into a big ransomware mess, with attacks striking a big blow at businesses running VMware ESXi servers.
- February 03, 2023
- 07:47 PM
- 2
-
Ransomware access brokers use Google ads to breach your network
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks.
- January 24, 2023
- 06:07 PM
- 2
-
Royal ransomware claims attack on Queensland University of Technology
The Royal ransomware gang has claimed responsibility for a recent cyberattack on the Queensland University of Technology and begun to leak data allegedly stolen during the security breach.
- January 03, 2023
- 11:40 AM
- 0
-
Royal ransomware claims attack on Intrado telecom provider
The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday.
- December 28, 2022
- 01:40 PM
- 0
-
The Week in Ransomware - December 23rd 2022 - Targeting Microsoft Exchange
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and deploy ransomware.
- December 23, 2022
- 03:51 PM
- 0
-
The Week in Ransomware - December 9th 2022 - Wide Impact
This week has been filled with research reports and news of significant attacks having a wide impact on many organizations.
- December 09, 2022
- 07:02 PM
- 0
-
US Health Dept warns of Royal Ransomware targeting healthcare
The U.S. Department of Health and Human Services (HHS) issued a new warning today for the country's healthcare organizations regarding ongoing attacks from a relatively new operation, the Royal ransomware gang.
- December 08, 2022
- 05:40 PM
- 0
- 1
- 2
