In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints. The threat actor later leveraged this access to deploy RansomHub encryptors throughout the entire impacted network. ReliaQuest documented an earlier version of this malware on their website in February 2024.
I pirati del gruppo RansomHub pubblicano su Dark Web alcuni dei documenti sottratti e chiedono al club di Serie A di pagare un riscatto
Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.
ESET découvre que le groupe CosmicBeetle s'associe à d'autres gangs de ransomwares et cible des entreprises en France. Tribune ESET. Les chercheurs d'ESET ont mené l’enquête sur ScRansom, un nouveau ransomware développé par le groupe CosmicBeetle. CosmicBeetle a débuté avec les outils Lockbit qui ont fuité. CosmicBeetle est probablement devenu récement un affilié RansomHub ScRansom
August 2024 witnessed a noticeable increase in ransomware activity, with emerging groups like Lynx and RansomHub showing dramatic...
Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks
Discover how RansomHub's ransomware-as-a-service targets Windows, Linux, and ESXi systems.
The Dallas-based company had said in a regulatory filing in April that a cybercrime group was responsible for a data breach. The gang added Frontier to its leak site on June 1.
The hacking group RansomHub is threatening to release “sensitive personal information” about the auction house’s clients.
