Media and Ransomware - Cyber Security Informer

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware

Ransomware Hacking Accountability Cyber Attacks

News alert: SquareX discloses nasty browser-native ransomware that’s undetectable by antivirus

The Last Watchdog

MARCH 28, 2025

Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Traditionally, the primary target of ransomware has been the victims device. Palo Alto, Calif.,

Antivirus

Antivirus Ransomware Social Engineering Engineering

Translating Deep Cybersecurity Knowledge into Media Opportunities

SecureWorld News

APRIL 21, 2025

While it's clear you have a lot of value to bring to the market, you are facing a clear business challenge: how do you turn that specialized knowledge into media coverage that connects with your audience and grows your business? That's why successful media relations start with this mindset shift.

Media

Media Cybersecurity Marketing Healthcare

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But according to Microsoft and an advisory from the U.S. National Security Agency (NSA).

Healthcare

Healthcare Ransomware Cybersecurity Malware

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. And on April 26, 2021, Matveev and his Babuk gang allegedly deployed ransomware against the Metropolitan Police Department in Washington, D.C.

Ransomware

Ransomware Cybercrime Healthcare VPN

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. His alleged exploits include: The 2021 attack on Washington, D.C.'s Multiple attacks on critical U.S.

Cybercrime

Cybercrime Ransomware Healthcare Cryptocurrency

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware

Ransomware Accountability Cybercrime Malware

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. BlackCat is known as a “ransomware-as-service” collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. There are indications that U.S.

Healthcare

Healthcare Ransomware Scams Government

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

.” Intrinsec found Prospero has courted some of Russia’s nastiest cybercrime groups, hosting control servers for multiple ransomware gangs over the past two years. A fake browser update page pushing mobile malware. But in September 2017, the Department of Homeland Security (DHS) barred U.S.

Malware

Malware Antivirus DDOS Software

BayMark Health Services sends breach notifications after ransomware attack

Malwarebytes

JANUARY 10, 2025

The RansomHub ransomware group claims to have exfiltrated an enormous 1.5 Here, the ransomware group lays blame on the company itself. This isn’t rare for a ransomware group, as the tactics and vernacular are often based around shame, guilt, and a pre-teen-like arrogance.

Ransomware

Ransomware Data breaches Passwords Phishing

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

Cybersecurity training for small businesses is critical, and SMBs should invest in training programs to help employees recognize threats such as phishing attacks, ransomware, and other malicious activities. Regular backups ensure that businesses can recover quickly from ransomware attacks or other data loss incidents.

Small Business

Small Business Data breaches Backups Passwords

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

The feds then obtained records from Virgin Media, which showed the address was leased for several months to Tyler Buchanan , a 22-year-old from Dundee, Scotland. The Spanish police told local media that Buchanan, who allegedly went by the alias “ Tylerb ,” at one time possessed Bitcoins worth $27 million.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Security Researcher Sued for Disproving Government Statements

Schneier on Security

SEPTEMBER 4, 2024

A city is the victim of a ransomware attack. They repeatedly lie to the media about the severity of the breach. This story seems straightforward. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher.

Government

Government Media Ransomware

The Rise of Ransomware-as-a-Service (RaaS)

SecureWorld News

JULY 8, 2025

Ransomware is no longer the work of lone-wolf hackers with deep technical chops. Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Explosive growth in ransomware attacks across every industry. The result?

Ransomware

Ransomware Cybercrime Phishing Cryptocurrency

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. is a publicly traded American media company. Lee Enterprises , Inc.

Ransomware

Ransomware Cybercrime Encryption Healthcare

Social media beats TV as top American news source for first time, study finds

Zero Day

JUNE 18, 2025

Also: How new Facebook policies incentivize spreading misinformation For the first time this year (the RISJ has released a media report every year since 2012), the No. 1 spot, or the largest proportion of respondents who used a particular source in the past week, went to social media, with 54%. Traditional television claimed the No.

Media

Media Password Management Small Business Artificial Intelligence

Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online

Malwarebytes

JUNE 19, 2025

Take the 184 million logins for social media accounts we reported about recently. But that doesn’t take away from the fact that these credentials are in the hands of cybercriminals who can use them for: Account takeovers : Cybercriminals can use stolen credentials to hijack social media, banking, or corporate accounts.

Identity Theft

Identity Theft Passwords Phishing Accountability

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

More than 90,000 users experienced ransomware attacks. Nearly 18% of all victims published on ransomware gangs’ data leak sites (DLSs) had been hit by RansomHub. According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014.

Mobile

Mobile Adware Ransomware Malware

Big Game Ransomware: the myths experts tell board members

DoublePulsar

MAY 4, 2025

Theres a piece in The Sunday Times today about the DragonForce ransomware incident at Marks and Spencer which caught my eye. Travelex tried saying the ransomware incident was a technical issue at first. When I covered the Capita ransomware, they paid quietly paid Black Basta early on. This iswrong. Travelex arent alone.

Ransomware

Ransomware Backups Government VPN

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Whereas early phishing scams arrived almost entirely through emails, modern phishing scams can reach victims through malicious websites, text messages, social media, and even mobile app downloads. Social media account hacks are not only a risk to content creatorstheyre a risk to any business with a legitimate online audience.

Small Business

Small Business Cybersecurity Scams Passwords

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

This can impact not only the general public but also pose a heightened risk to individuals with significant media exposure, including activists, journalists, and politicians. These EDRs, representing the official cooperation channels between law enforcement agencies and social media platforms, are at risk of becoming a double-edged sword.

Cybercrime

Cybercrime Social Engineering Accountability Government

5 riskiest places to get scammed online

Malwarebytes

JUNE 18, 2025

They can profess their empty love to you across your social media apps. They use it to check emails, browse the internet, make phone calls, scroll through social media, and text family and friends. A romance scam, similarly, can start on a social media platform but can move into a messaging service like WhatsApp.

Scams

Scams Social Engineering Media Engineering

Honeywell Report OT Under Siege

SecureWorld News

JUNE 6, 2025

USB-borne threats are resurging: 13% of threats were introduced via removable media—still a glaring vulnerability in many industrial settings. USB and removable media: The forgotten threat vector Honeywell continues to track high-risk threats delivered via USB devices. OT defenders must plan for: Hybrid threats (e.g.,

Media

Media Social Engineering Malware Engineering

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work Sanders said he first encountered some of these services while investigating Kremlin-funded disinformation efforts in Ukraine, as they are all useful in assembling large-scale, anonymous social media campaigns. work and kopeechka[.]store

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. It continues: “Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system.

Ransomware

Ransomware Accountability Cybercrime Backups

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean

Joseph Steinberg

JANUARY 20, 2022

A seemingly simple term that appears in pitches sent to me several times a day by cybersecurity product and services vendors that are seeking media exposure. Consider the case of ransomware, for example, and the fact that the number of successful ransomware attacks has skyrocketed in recent years. Zero Trust.

Cybersecurity

Cybersecurity Artificial Intelligence Ransomware Social Engineering

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. ” In an October 2013 discussion on the cybercrime forum Exploit , NeroWolfe weighed in on the karmic ramifications of ransomware. Last week, the United States joined the U.K.

Cybercrime

Cybercrime Ransomware Accountability Government

World Backup Day: A Clarion Call for Cyber Resilience

SecureWorld News

MARCH 31, 2025

In a digital world defined by ransomware, cloud sprawl, and hybrid infrastructures, the ability to recover data quickly and securely is one of the most important indicators of an organization's cyber resilience. Ransomware's bullseye: your backups Cybercriminals know that if they can destroy your backups, they've won.

Backups

Backups Encryption Mobile CISO

City of Columbus breach affects around half a million citizens

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine.

Data breaches

Data breaches Passwords Phishing Ransomware

2024 in AI: It’s changed the world, but it’s not all good

Malwarebytes

DECEMBER 27, 2024

We started off 2024 with a warning from the British National Cyber Security Centre (NCSC) telling us it expects AI to heighten the global ransomware threat. A lot of AI related stories this year dealt with social media and other public sources that were scraped to train an AI model.

Scams

Scams Media Artificial Intelligence Technology

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 10, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Ransomware Phishing Banking

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

The Last Watchdog

APRIL 16, 2025

Key discoveries from YOBB include Polymorphic Extensions, Browser Ransomware and Browser Syncjacking, all of which have been covered by major publications such as Forbes, Bleeping Computer and Mashable. She is also a published author of The Browser Security Field Manual.

Architecture

Architecture Data breaches Ransomware Education

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

These agents could even hold people for ransom by matching stolen data online with publicly known email addresses or social media accounts, composing messages and holding entire conversations with victims who believe a human hacker out there has access to their Social Security Number, physical address, credit card info, and more.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Digital life protection: How Webroot keeps you safe in a constantly changing world

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware.

Antivirus

Antivirus Identity Theft Cyber threats Phishing

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

NOVEMBER 19, 2023

That’s largely because the splashy headlines and online buzz created by bringing down the pair of casinos will only motivate more mid-level cybercriminals to follow Scattered Spiders’ model, putting wide-reaching businesses at risk of ransomware attacks due to the rise of ransomware-as-a-service models.

Social Engineering

Social Engineering Passwords Authentication Marketing

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

The Last Watchdog

APRIL 7, 2025

Organizations need to take a layered approach to close the gaps before attacks progress deeper into their environments, resulting in events like ransomware and account takeover. Media contact: Emily Brown, REQ on behalf of SpyCloud, ebrown@req.co About SpyCloud: SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Antivirus

Antivirus Malware Cybercrime Identity Theft

News alert: SquareX research finds browser AI agents are proving riskier than human employees

The Last Watchdog

JUNE 30, 2025

SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Find out more on www.sqrx.com.

Security Awareness

Security Awareness Risk Media Phishing

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

Attack methodology: a step-by-step breakdown The Elusive Comet campaign begins with cybercriminals impersonating venture capitalists, media representatives, or business partners to lure cryptocurrency professionals into Zoom meetings. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

Threat Landscape Report: Uncovering Critical Cyber Threats to Hospitality and Recreation

Digital Shadows

MARCH 12, 2025

Between September 1, 2024, and February 28, 2025, threat actors ramped up efforts to exploit this sector through spearphishing, impersonation campaigns, ransomware, and vulnerabilities in external remote services. The gambling subsector was hit hardest, followed by the music, media, and tourism industries.

Cyber threats

Cyber threats Cryptocurrency IoT Ransomware

IT threat evolution Q3 2024

SecureList

NOVEMBER 29, 2024

Interestingly, Twelve shares infrastructure, utilities and TTPs (Tactics, Techniques and Procedures) with the DARKSTAR ransomware group (formerly known as Shadow or COMET). This includes the use of the ngrok utility for tunneling, Radmin, AnyDesk and PuTTY for remote access, the Shamoon wiper and a leaked version of the LockBit ransomware.

Energy and Utilities

Energy and Utilities Ransomware Malware Government

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

Malware reverse engineering to combat ransomware: SpyCloud specializes in the tracking and analyzing of malware with deep insights into pervasive infostealers such as Lumma C2 , Redline Stealer, Vidar, and more as they are often a precursor to ransomware. Media contact: Emily Brown, REQ on behalf of SpyCloud, ebrown@req.co

Cybercrime

Cybercrime Phishing Accountability Malware

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

That’s a crazy long time for an independent media outlet these days, but then again I’m bound to keep doing this as long as they keep letting me. Tank, seen here performing as a DJ in Ukraine in an undated photo from social media. KrebsOnSecurity turns 13 years old today.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

8Base ransomware group hacked Croatia’s Port of Rijeka

News alert: SquareX discloses nasty browser-native ransomware that’s undetectable by antivirus

Trending Sources

Translating Deep Cybersecurity Knowledge into Media Opportunities

Conti’s Ransomware Toll on the Healthcare Industry

Russian Hacker “Wazawaka” Indicted for Ransomware

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

Who Wrote the ALPHV/BlackCat Ransomware Strain?

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

BayMark Health Services sends breach notifications after ransomware attack

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Security Researcher Sued for Disproving Government Statements

The Rise of Ransomware-as-a-Service (RaaS)

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Social media beats TV as top American news source for first time, study finds

Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online

IT threat evolution in Q3 2024. Non-mobile statistics

Big Game Ransomware: the myths experts tell board members

The 3 biggest cybersecurity threats to small businesses

EDR-as-a-Service makes the headlines in the cybercrime landscape

5 riskiest places to get scammed online

Honeywell Report OT Under Siege

How Cryptocurrency Turns to Cash in Russian Banks

A Closer Look at the Snatch Data Ransom Group

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean

How Did Authorities Identify the Alleged Lockbit Boss?

World Backup Day: A Clarion Call for Cyber Resilience

City of Columbus breach affects around half a million citizens

2024 in AI: It’s changed the world, but it’s not all good

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025

New AI “agents” could hold people for ransom in 2025

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Digital life protection: How Webroot keeps you safe in a constantly changing world

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

News alert: SquareX research finds browser AI agents are proving riskier than human employees

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

Threat Landscape Report: Uncovering Critical Cyber Threats to Hospitality and Recreation

IT threat evolution Q3 2024

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

Happy 13th Birthday, KrebsOnSecurity!

Stay Connected