Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Knight, also known as Cyclops 2.0,

Government 144

Government Hacking Ransomware Insurance 144

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 117

Cybercrime Ransomware Healthcare Education 117

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. ShrinkLocker ransomware was first discovered in May 2024 by researchers from Kaspersky. “ShrinkLocker is a novel ransomware strain that leverages a unique approach to encrypt systems.

Ransomware 124

Ransomware Encryption Passwords Backups 124

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications.

Ransomware 124

Ransomware Manufacturing Malware Hacking 124

Security Affairs

DECEMBER 4, 2024

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack.

Ransomware 127

Ransomware Telecommunications Healthcare Insurance 127

Security Affairs

MAY 13, 2025

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. million euros.”

Ransomware 108

Ransomware Cybercrime Malware Banking 108

Security Affairs

MAY 11, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAPTCHA New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Backdoor found in popular ecommerce components Stealthy Linux backdoor leveraging (..)

Malware 97

Malware eCommerce Hacking Ransomware 97

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks. ” reported RIA Novosti.

Ransomware 120

Ransomware Healthcare Hacking Malware 120

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware 120

Ransomware Software Cybercrime Encryption 120

Security Affairs

MAY 13, 2025

Interlock Ransomware ‘s attack on a defense contractor exposed global defense supply chain details, risking operations of top contractors and their clients. Resecurity envisions the cascading effects on the defense supply chain due to ransomware activity.

Ransomware 114

Ransomware Cyber Attacks Risk Hacking 114

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 114

Malware Cybersecurity Cyber threats Threat Detection 114

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 126

Ransomware Hacking Accountability Cyber Attacks 126

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government 127

Government Ransomware Hacking Manufacturing 127

Security Affairs

DECEMBER 26, 2024

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19.

Ransomware 123

Ransomware Cyber Attacks Hacking Cybersecurity 123

Security Affairs

MARCH 30, 2025

The Walmart-owned membership warehouse club chain Sams Club is investigating claims of a Cl0p ransomware security breach. This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. Victims include Petmate, and Simple Human.

Ransomware 118

Ransomware Data breaches Software Hacking 118

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company confirmed that the security breach impacted some of its IT systems.

Technology 119

Technology Ransomware Engineering Manufacturing 119

Security Affairs

FEBRUARY 20, 2025

NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. The experts believe threat actors exploited the zero-dayCVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features. This launches the malware routine.”

Healthcare 87

Healthcare Ransomware VPN Malware 87

Security Affairs

DECEMBER 3, 2024

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industry contractor, ENGlobal Corporation. No ransomware gang has claimed responsibility for the attack. million year-to-date.

Ransomware 121

Ransomware Encryption Technology Cybersecurity 121

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

Security Affairs

NOVEMBER 18, 2024

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. “On September 8, 2024, we suffered a ransomware attack on our computer system.

Ransomware 126

Ransomware Insurance Encryption Healthcare 126

Security Affairs

NOVEMBER 6, 2024

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Ransomware attacks on U.S. terabytes of data.

Ransomware 127

Ransomware Healthcare Antivirus Data breaches 127

Security Affairs

MAY 8, 2025

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend infrastructure of their dark web site. Hackers compromised the dark web leak site of the LockBit ransomware gang and defaced it, posting a message and a link to the dump of the MySQL database of its backend affiliate panel.

Ransomware 110

Ransomware Data breaches Hacking Accountability 110

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “Sorry, but this is f *d up. 428 hospitals.”

Ransomware 301

Ransomware Healthcare Cybercrime Government 301

Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. Halcyon researchers pointed out that this ransomware campaign does not exploit any AWS vulnerability.

Encryption 119

Encryption Ransomware Authentication Accountability 119

Security Affairs

FEBRUARY 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 74

Malware Spyware Ransomware Hacking 74

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 75

Malware Spyware Government Mobile 75

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency. No ransomware group has claimed responsibility for this attack.

Ransomware 118

Ransomware Government Internet Internet 118

Security Affairs

FEBRUARY 11, 2025

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantled the 8Base ransomware gang. The ransomware component is then decrypted and loaded into the SmokeLoader process memory.

Ransomware 73

Ransomware Encryption Backups Malware 73

Security Affairs

FEBRUARY 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 73

Malware Scams Banking Ransomware 73

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 80

Malware Cryptocurrency Engineering Encryption 80

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 29, 2024, the City published an update on the City’s website and confirmed that the City of Columbus suffered a ransomware attack. The gang claimed they had stolen databases containing 6.5

Ransomware 116

Ransomware Identity Theft Data breaches Cyber threats 116

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. ” reads the press release published by DoJ. in restitution.”

Ransomware 108

Ransomware Healthcare Government Cryptocurrency 108

Security Affairs

APRIL 25, 2025

The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. Theyve activated contingency plans and manual procedures where necessary and are working to securely restore affected systems. The DaVita network was encrypted by InterLock Ransomware.

Ransomware 101

Ransomware Encryption Insurance Marketing 101

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

Ransomware 104

Ransomware Hacking Social Engineering VPN 104

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware 89

Ransomware Malware Hacking Cybercrime 89

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 66

Malware Artificial Intelligence DNS Ransomware 66

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. The company assured investors that the attack hadn’t affected its critical systems, but temporary disruptions in customer services might occur due to enhanced security protocols.

Ransomware 120

Ransomware Cyber Attacks Cybercrime Marketing 120