This would be the third time this year that a Sony-owned company has been breached by hackers
Un ressortant russe résidant à Chypre, âgé d’une quarantaine d’années, a été interpellé la semaine dernière à Paris, soupçonné de liens avec la franchise de rançongiciel Hive.
Hackers accessed the personal and health data of 2.5 million patients — and employees — during a May ransomware attack.
Globalement, le mois écoulé se distingue par un niveau inédit de la menace observable, et incohérent avec la saisonnalité historiquement constatée. Mais cela ne vaut pas pour la France.
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use it.
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
A new strain of ransomware called MadCat has been linked by security researchers to suspected scammers who pretend to sell passport details on the dark web so they can rip off their fellow crooks.
Cisco Talos identified the most prolific Phobos variants, TTPs and affiliate structure, based on their activity and analysis of over 1,000 samples from VirusTotal dating back to 2019. We assess with moderate confidence Eking, Eight, Elbie, Devos and Faust are the most common variants
The Rhysida ransomware group says it's behind the highly disruptive October cyberattack on the British Library, leaking a snippet of stolen data in the process.
A low-res image shared to its leak site appears to show a handful of passport scans, along with other documents, some of which display the format of HMRC employment documents.
Ransomware’s business model is a big part of what’s made it such a potent threat for so many years. However, we dug into multi-point ransomware attacks from 2023, and found another factor in ransomware’s staying power: a seemingly endless supply of new cyber crime groups starting ransomware operations.
China's biggest lender, the Industrial and Commercial Bank of China, paid a ransom after it was hacked last week, a Lockbit ransomware gang representative said on Monday in a statement which Reuters was unable to independently verify.
Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company.
What defines success for ransomware actors during an attack? Breaching a victim’s network, exfiltrating valuable data, and encrypting systems are crucial components. However, the ultimate measurement of success is the actor’s ability to extort a ransom payment, which determines if they achieve their financial goals. Navigating the ransom negotiation phase, whether conducted by the victims themselves or designated recovery firms, demands a high level of expertise and a deep understanding of the attackers involved. This includes studying of the threat actor’s profile, tactics, and evolving strategies. In this complex landscape, there is no one-size-fits-all playbook for successfully managing the negotiation phase, as each ransomware group exhibits distinct behaviors and adopts new tactics shaped by many factors.
Recently, I’ve been tracking LockBit ransomware group as they’ve been breaching large enterprises:
I thought it would be good to break down what is happening and how they’re doing it, since LockBit are breaching some of the world’s largest organisations — many of whom have incredibly large security budgets.
Through data allowing the tracking of ransomware operators, it has been possible to track individual targets. Recently, it has become clear they have been targeting a vulnerability in Citrix Netscaler, called CitrixBleed. Prior reading:
Informations actuelles de l'administration. Tous les communiqués de l'administration fédérale, des départements et des offices.
The Boeing Company, a jetliner manufacturer and US defense contractor, had the company’s data leaked by the LockBit ransomware gang. So far, around 50 gigabytes of compressed data was uploaded LockBit's dark web blog.
LockBit has allegedly started leaking data that the gang stole from Boeing in late October. The Cybernews research team noted there's around of 50 GB of supposedly Boeing's data. Bulk of the data appears to be various backups.
Chinese bank says it has contained a hack that affected some fixed income and equities transactions
An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
