SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data.

Healthcare 120

Healthcare Ransomware Identity Theft Data breaches 120

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Matveyev faces charges under Russian law for creating programs designed to destroy, block, modify, or copy data, or bypass computer security measures. ” reported RIA Novosti.

Ransomware 120

Ransomware Healthcare Hacking Malware 120

Security Affairs

DECEMBER 26, 2024

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.

Ransomware 123

Ransomware Cyber Attacks Hacking Cybersecurity 123

Security Affairs

MAY 4, 2025

A 36-year-old Yemeni man behind Black Kingdom ransomware is indicted in the U.S. authorities have indicted Rami Khaled Ahmed (aka Black Kingdom, of Sanaa, Yemen), a 36-year-old Yemeni national, suspected of being the administrator of the Black Kingdom ransomware operation. for 1,500 attacks on Microsoft Exchange servers.

Ransomware 115

Ransomware Encryption VPN Malware 115

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company confirmed that the security breach impacted some of its IT systems.

Technology 119

Technology Ransomware Engineering Manufacturing 119

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. ” reads a report published by Halcyon.

Ransomware 104

Ransomware Hacking Social Engineering VPN 104

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware 108

Ransomware Healthcare Government Cryptocurrency 108

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 133

Ransomware Data collection Cyber threats Hacking 133

SecureList

MAY 11, 2023

Ransomware keeps making headlines. attempted ransomware attacks which was 20% more than in 2021 (61.7M). attempted ransomware attacks which was 20% more than in 2021 (61.7M). Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted.

Ransomware 138

Ransomware Malware Architecture Telecommunications 138

Security Affairs

MARCH 7, 2025

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.

Ransomware 64

Ransomware Antivirus Healthcare Encryption 64

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 135

Data breaches Ransomware Manufacturing Encryption 135

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 73

Ransomware Encryption Backups Malware 73

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. LockBit remained the most active group through 2023.

Ransomware 142

Ransomware Manufacturing Retail Insurance 142

Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3

Ransomware 134

Ransomware Cybercrime Software Encryption 134

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” Ransomware attacks on U.S. In 2023, Loretto Hospital experienced another data security incident. The Loretto Hospital is a not-for-profit, community-focused health care provider.

Hacking 118

Hacking Healthcare Backups Ransomware 118

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. Akira Ransomware posts Stanford University. 430 gb of internal data.

Ransomware 133

Ransomware Data breaches Passwords Hacking 133

Security Affairs

APRIL 13, 2025

The ransomware group has since leaked the stolen data on its dark web leak site. Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. Ransomware attacks on U.S. In 2023, Loretto Hospital experienced another data security incident.

Data breaches 130

Data breaches Unstructured Data Identity Theft Healthcare 130

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023 (+38%).

Cybercrime 141

Cybercrime Internet Internet Scams 141

SecureList

MAY 14, 2024

Incident response analyst report 2023 As an information security company, our services include incident response and investigation, and malware analysis. Our annual Incident Response Report presents anonymized statistics on the cyberattacks we investigated in 2023. Read the full 2023 Incident Response Report (PDF).

Ransomware 129

Ransomware Passwords Authentication Government 129

Security Affairs

JULY 15, 2024

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) The vulnerability was addressed in March 2023, and shortly after a PoC exploit code for this issue was released publicly.

Backups 141

Backups Ransomware Antivirus DNS 141

Security Affairs

MARCH 17, 2025

A researcher released a free decryptor for Linux Akira ransomware, using GPU power to recover keys through brute force. Security researcher Yohanes Nugroho created a free decryptor for Linux Akira ransomware , using GPUs to brute force the decryption keys. High timestamp precision and multi-threading add complexity.

Ransomware 69

Ransomware Encryption Malware Hacking 69

Security Affairs

JANUARY 3, 2025

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption.

Data breaches 78

Data breaches Ransomware Insurance Healthcare 78

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.

Ransomware 135

Ransomware Data collection Hacking Accountability 135

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 71

Ransomware Encryption Cryptocurrency Insurance 71

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.

VPN 124

VPN Government Malware Manufacturing 124

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology 109

Technology Ransomware Engineering Manufacturing 109

Security Affairs

APRIL 22, 2025

In May 2023, the IT systems at the City of Dallas, Texas, were targeted by a ransomware attack. The City confirmed the security incident and worked to recover from the ransomware attack that impacted its services, including the police department. The Royal ransomware group claimed responsibility for the attack.

Ransomware 109

Ransomware Government Hacking Accountability 109

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. concludes the alert.

Ransomware 137

Ransomware Backups VPN Authentication 137

Security Affairs

OCTOBER 17, 2023

What is the impact of ransomware on organizations? Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of the internet, 64% of organizations have already suffered from a ransomware attack. One employee’s mistake can cost a company millions of dollars.

Social Engineering 139

Social Engineering Ransomware Engineering Phishing 139

Security Affairs

JANUARY 25, 2024

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year.

Ransomware 128

Ransomware Cybercrime Malware Data breaches 128

Security Affairs

FEBRUARY 13, 2025

The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST).

Telecommunications 109

Telecommunications DNS Passwords Hacking 109

Security Affairs

OCTOBER 27, 2023

The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Lockbit ransomware group today added Boeing to the list of victims on its Tor leak site. ransomware ??????: In 2022, Boeing recorded $66.61 In 2022, Boeing recorded $66.61

Ransomware 144

Ransomware Manufacturing InfoSec Hacking 144

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. The Rhysida ransomware operators plan to sell the stolen data to a single buyer.

Ransomware 143

Ransomware Hacking Engineering Manufacturing 143

Security Affairs

AUGUST 10, 2024

A INC Ransom ransomware attack this week disrupted IT and phone systems at McLaren Health Care hospitals. On Tuesday, an INC Ransom ransomware attack hit the McLaren Health Care hospitals and disrupted their IT and phone systems. The security breach exposed the sensitive personal information of 2,192,515 people.

Ransomware 134

Ransomware Insurance Data breaches Cyber Attacks 134

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data.

Cybersecurity 135

Cybersecurity Spyware Data breaches Passwords 135

Security Affairs

APRIL 30, 2025

“Analysis of the team’s infrastructures shows that LARVA-290, the individual who obtained intrusion servers for and conducted numerous ransomware attacks, continues to play a critical IT admin role within the Nebulous Mantis team and in RomCom attacks.” .” reads the report published by PRODAFT.

Encryption 103

Encryption Ransomware Malware Phishing 103

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 140

Government Surveillance Ransomware Cybercrime 140