Postal service has been unable to send letters and parcels overseas since Wednesday due to hacking
Royal Mail has been hit by a ransomware attack by a criminal group, which has threatened to publish the stolen information online.
The postal service has received a ransom note purporting to be from LockBit, a hacker group widely thought to have close links to Russia.
Confidential details including child passport scans and SEN data is published online, the BBC finds.
The news organization won't go into detail about what attackers hit, and why.
We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora Ransomware. The assumed connection to the Pandora Ransomware was due to some similarities between the CatB and Pandora ransom notes. However, the similarities pretty much end there. The CatB ransomware implements several anti-VM techniques to verify execution on a “real machine”, followed by a malicious DLL drop and DLL hijacking to evade detection.
More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.
The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.
In a New Year's Eve apology, the LockBit ransomware gang has expressed regret for attacking Toronto's Hospital for Sick Children and sent a free decryptor so files can be unscrambled. According to Brett Callow, a B.C.-based threat analyst for Emsisoft, the gang posted a message on its site claiming the attack was the work of an affiliate and violated their rules.
New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.
Cyble Research and Intelligence Labs analyzes multiple ransomware strains created based on leaked source code of Conti Ransomware.
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.
Incident has hit parts of media company’s technology infrastructure, with staff told to work from home
“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds the targeted company name as a file extension to the encrypted files. In September 2022, researchers identified a TargetCompany ransomware variant targeting Microsoft SQL servers and adding the “Fargo” extension to the encrypted files. TargetCompany ransomware is also known to add a “Mallox” extension after encrypting the files.
Malicious packages that download ransomware binaries written in Golang published today, with more expected in the coming hours.
Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year.
The latest FortiGuard Labs Threat Signal Ransomware Roundup covers the Cryptonite ransomware, along with protection recommendations. Read more.
The WatchGuard Security Team spends a lot of time chasing ransomware extortion groups throughout the dark web. So, it only fits that one of the newer ransomware extortion groups is named Endurance Ransomware. It appears this “group” is one individual known as IntelBroker, who has allegedly breached several entities of the US government and two […]
Vanuatu - an island courted by the US and China - has been stranded offline for over a week.
Cyble analyzes a new wave of ransomware attacks being led by AXLocker, Octocrypt, and Alice ransomware and how they target Discord tokens.
Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called "Zeppelin" in May 2020. He'd been on the job less than six months, and because of the way his predecessor architected things,…
Public schools in two Michigan counties are reopening on Thursday after a ransomware attack crippled their ability to function and closed doors to students for three days.
All of the public schools in Jackson and Hillsdale counties announced their reopening on Thursday in letters to parents, assuring them that cybersecurity experts, tech officials and law enforcement worked around the clock to restore the systems following outages that began on Monday.
