Key Takeaways This intrusion began with the download and execution of a Cobalt Strike beacon that impersonated a Windows Media Configuration Utility. The threat actor used Rclone to exfiltrate data…
The 2024 ransomware attack on Change Healthcare exposed the data of about 190 million people, according to an update from parent company UnitedHealth Group.
In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints. The threat actor later leveraged this access to deploy RansomHub encryptors throughout the entire impacted network. ReliaQuest documented an earlier version of this malware on their website in February 2024.
In 2024, ransomware groups claimed responsibility for 5,461 successful ransomware attacks on organizations worldwide. 1,204 of these attacks were confirmed by the targeted organizations. The rest were claimed by ransomware groups on their data leak sites, but have not been acknowledged by the targets.
Elle estimait que la société chargée du renouvellement de ses serveurs informatiques avait failli dans sa mission.
Prohibition would bring the NHS, schools and local councils into line with government departments
The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database.
Ciblée par une cyberattaque début décembre, VidyMed avait directement coupé l’accès aux systèmes pour contenir l’im
A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key.
The Japanese electronics giant says it did not negotiate with the hackers responsible for the attack.
Rhode Island officials said they're still analyzing the impact of a ransomware gang's breach of state health and social services systems. Some are still down.
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands.
The LockBit ransomware group will soon launch a comeback with the planned release of LockBit 4.0 in February 2025, Cyble
U.K. investigators tell the story of how examining a cybercrime group's extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow's elite.
Cyber criminals claim to have successfully attacked Medion, a distributor of electronic products.
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.
NotLockBit is a new and emerging ransomware family that actively mimics the behavior and tactics of the well-known LockBit ransomware.
Two NHS trusts in England have been hacked in recent weeks, the latest attacks to hit the national health service.
