Krebs on Security

NOVEMBER 2, 2021

A number of publications in September warned about the emergence of “ Groove ,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. Now I just need to start writing [the article], but I can’t start writing it without checking everything.” government interests online.

Ransomware 334

Ransomware Cybercrime Media VPN 334

Graham Cluley

MAY 30, 2025

The malicious hackers behind the Interlock ransomware try to justify their attacks. Learn more about what you need to know about Interlock in my article on the Tripwire State of Security blog. "We don’t just want payment; we want accountability."

Ransomware 88

Ransomware Accountability Data breaches Malware 88

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable. “Cryptocurrency article contest! .

Ransomware 280

Ransomware Cryptocurrency DDOS Scams 280

Graham Cluley

OCTOBER 24, 2024

Read more in my article on the Tripwire State of Security blog. But that doesn't mean that Mac users should be complacent. And the recent discovery of a new malware strain emphasises that the threat - even if much smaller than on Windows - remains real.

Ransomware 141

Ransomware Malware 141

Graham Cluley

JUNE 6, 2025

Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty, shut down online ordering, some staff unable to clock in and out, and caused some of its major suppliers to resort to pen and paper.

Ransomware 80

Ransomware Retail Data breaches Malware 80

Lohrman on Security

JUNE 20, 2021

The North Atlantic Treaty Organization (NATO) opened the door for cyber attacks to trigger “Article 5” actions. This is a big deal — here’s why.

Cyber Attacks 292

Cyber Attacks Ransomware 292

Schneier on Security

SEPTEMBER 7, 2022

This article makes LockBit sound like a legitimate organization: The DDoS attack last weekend that put a temporary stop to leaking Entrust data was seen as an opportunity to explore the triple extortion tactic to apply more pressure on victims to pay a ransom.

Ransomware 245

Ransomware DDOS Encryption 245

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 128

Malware DDOS Cryptocurrency Education 128

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. VCPI) was hit by the Ryuk ransomware strain. In mid-November 2019, Wisconsin-based Virtual Care Provider Inc.

Passwords 274

Passwords Ransomware Password Management Malware 274

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 129

Malware Ransomware Encryption Phishing 129

SecureWorld News

JANUARY 8, 2025

Here's what happened: In August 2024, Stoli got hit with ransomware. But the ransomware attack wasn't their only problem. Then ransomware hit. Here are three examples or organizations that all closed after ransomware struck: Lincoln College (Illinois): This private college ceased operations in May 2022.

Ransomware 113

Ransomware Manufacturing Government Accountability 113

Krebs on Security

MAY 18, 2020

” As proof of his service’s effectiveness, RedBear points to almost a dozen articles on Krober[.]biz One of many articles Lebron published on Krober[.]biz His final post on Exploit in May 2017 somewhat jokingly indicated he was joining an upstart ransomware affiliate program. RANSOMWARE DREAMS.

Malware 361

Malware Cybercrime Ransomware Marketing 361

Graham Cluley

JULY 12, 2024

Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. Read more in my article on the Tripwire State of Security blog.

Ransomware 142

Ransomware Malware 142

Graham Cluley

SEPTEMBER 5, 2024

Cicada (also known as Cicada3301) is a sophisticated ransomware, written in Rust, that has claimed more than 20 victims since its discovery in June 2024. Read more in my article on the Tripwire State of Security blog.

Ransomware 141

Ransomware Malware 141

Graham Cluley

JULY 17, 2024

A new strain of the HardBit ransomware has emerged in the wild, which contains a protection mechanism in an attempt to prevent analysis from security researchers. Read more in my article on the Tripwire State of Security blog.

Ransomware 141

Ransomware Malware 141

Graham Cluley

JUNE 20, 2024

Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid. Read more in my article on the Tripwire State of Security blog.

Ransomware 141

Ransomware Encryption Hacking Data breaches 141

Schneier on Security

DECEMBER 6, 2022

Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. News article. The Trojan corrupts any data that’s not vital for the functioning of the operating system. The malware focuses on databases, archives, and user documents. Nothing leading to an attribution.

Ransomware 287

Ransomware Government Malware 287

Graham Cluley

JULY 25, 2024

Learn more about the SEXi / APT Inc ransomware in my article on the Tripwire State of Security blog. A cybercrime group has gained notoriety for attacking VMware ESXi servers since February 2024.

Ransomware 140

Ransomware Cybercrime Malware 140

Graham Cluley

JULY 4, 2024

Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. Read more in my article on the Tripwire State of Security blog.

Ransomware 141

Ransomware Data breaches 141

Graham Cluley

JUNE 20, 2024

Newly-released research indicates that ransomware attacks reached a record high in May, with the surge primarily fueled by a massive increase in the number of attacks perpetrated by the LockBit ransomware group and its affiliates. Read more in my article on the Exponential-e blog.

Ransomware 134

Ransomware Malware 134

Graham Cluley

DECEMBER 7, 2023

A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. Learn more about the BlackSuit ransomware in my article on the Tripwire State of Security blog.

Ransomware 144

Ransomware Hacking Data breaches Malware 144

Graham Cluley

SEPTEMBER 24, 2024

A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. Read more in my article on the Tripwire State of Security blog.

Ransomware 143

Ransomware Manufacturing Data breaches Malware 143

DoublePulsar

MAY 4, 2025

Theres a piece in The Sunday Times today about the DragonForce ransomware incident at Marks and Spencer which caught my eye. Travelex tried saying the ransomware incident was a technical issue at first. When I covered the Capita ransomware, they paid quietly paid Black Basta early on. This iswrong. Travelex arent alone.

Ransomware 64

Ransomware Backups Government VPN 64

Graham Cluley

OCTOBER 3, 2024

International law enforcement continues to dismantle the LockBit ransomware gang's infrastructure. Read more in my article on the Tripwire State of Security blog.

Ransomware 136

Ransomware Malware 136

Graham Cluley

APRIL 11, 2024

Learn more about the DragonForce ransomware - how it came to prominence, and some of the unusual tactics used by the hackers who extort money from companies with it. Read more in my article on the Tripwire State of Security blog.

Ransomware 144

Ransomware Data breaches Malware 144

Graham Cluley

FEBRUARY 15, 2024

A group of South Korean security researchers have uncovered a vulnerability in the infamous Rhysida ransomware that provides a way for encrypted files to be unscrambled. Read more in my article on the Tripwire State of Security blog.

Ransomware 143

Ransomware Encryption Malware 143

Trend Micro

OCTOBER 15, 2024

This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.

Ransomware 132

Ransomware Accountability 132

Graham Cluley

AUGUST 12, 2024

A notorious ransomware group has demanded more than half a billion dollars from victims in less than two years. Read more in my article on the Hot for Security blog.

Ransomware 135

Ransomware Malware 135

Security Affairs

MAY 18, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A.NET-Based Info-Stealer Interlock ransomware evolving under the radar Technical Analysis of TransferLoader Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 Horabot Unleashed: (..)

Malware 106

Malware Encryption Phishing Hacking 106

Adam Levin

NOVEMBER 26, 2019

“Our team was able to access this server because it was completely unsecured and unencrypted,” announced VPN review website vpnMentor in a blog article describing their findings. . The contents of the database could also help hackers and cybercriminals target the same companies in other ways.

B2B 295

B2B Spyware VPN Phishing 295

Graham Cluley

AUGUST 29, 2024

2024 looks set to be the highest-grossing year yet for ransomware gangs, due - in no small part - to emboldened cybercriminals causing costly disruption at larger companies. Read more in my article on the Exponential-e blog.

Ransomware 135

Ransomware Malware 135

Joseph Steinberg

JANUARY 20, 2022

Consider the case of ransomware, for example, and the fact that the number of successful ransomware attacks has skyrocketed in recent years. In actuality, wildfire is not even a good example, because ransomware can actually spread orders of magnitude faster than wildfire!). This post is sponsored by VMware.

Cybersecurity 363

Cybersecurity Artificial Intelligence Ransomware Social Engineering 363

Graham Cluley

JULY 23, 2024

British police have arrested a 17-year-old boy believed to be linked to a cybercriminal gang that launched devastating ransomware attacks last year on MGM Resorts and other companies. Read more in my article on the Hot for Security blog.

Ransomware 133

Ransomware Data breaches Malware 133

Graham Cluley

JULY 9, 2024

A ransomware attack by the BlackSuit gang against South Africa's National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country. Read more in my article on the Hot for Security blog.

Ransomware 138

Ransomware Healthcare Risk Malware 138

Graham Cluley

DECEMBER 4, 2023

Ransomware hits firm that providing cloud services to credit unions in order ensure that their business activities could "operate without interruption, even when nothing else seems to be going well." Read more in my article on the Tripwire State of Security blog.

Ransomware 144

Ransomware Data breaches Malware 144

Graham Cluley

JANUARY 25, 2024

In a newly published report, the UK's National Cyber Security Centre (NCSC) has warned that malicious attackers are already taking advantage of artificial intelligence and that the volume and impact of threats - including ransomware - will increase in the next two years. Read more in my article on the Tripwire State of Security blog.

Artificial Intelligence 144

Artificial Intelligence Ransomware Malware 144

Graham Cluley

APRIL 25, 2024

A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. Read more in my article on the Tripwire State of Security blog.

Small Business 143

Small Business Ransomware Malware 143