Tag: Ransomware

Phobos Ransomware Mimics VX-Underground Researchers

Ransomware criminals from Phobos group released ransomware that masquerades as the development of VX-Underground community

A new version of Phobos ransomware claims to be developed by VX-Underground, a malware info sharing community. Hackers again disguise themselves as information security specialists, ruining their image. How funny or serious is this all? What is Phobos ransomware? Phobos ransomware emerged in 2018 as a ransomware-as-a-service (RaaS), an offshoot of the Crysis ransomware family.… Continue reading Phobos Ransomware Mimics VX-Underground Researchers

Welltok Data Breach Exposes More Than 8 million Patients

Welltok's breach, affecting 8.5M patients, emphasizes the imperative for rigorous cybersecurity in safeguarding sensitive healthcare data.

Welltok, a healthcare Software as a Service (SaaS) provider, has reported unauthorized access to its MOVEit Transfer server, impacting the personal information of nearly 8.5 million patients in the United States. The breach, detected on July 26, 2023, has raised concerns about the security of patient data and has significant implications for healthcare providers across… Continue reading Welltok Data Breach Exposes More Than 8 million Patients

ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

Ransomware operators made use of the recent law to force the victim to pay the ransom

Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from BlackCat/ALPHV group found yet another way to make the victim pay the ransom. ALPHV Files SEC Compliant The ALPHV/BlackCat filed a complaint with the U.S. Securities and Exchange Commission (SEC)… Continue reading ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

Moneris Hacked, Medusa Ransomware Claims

Major Canadian fintech Moneris hacked by Medusa ransomware.

Canadian fintech giant Moneris has been claimed to have been hacked by the notorious Medusa ransomware group. It sends shockwaves through the country’s financial sector. The group is known for its aggressive tactics and audacious targets. They have demanded a ransom of $6 million in exchange for stolen data and the prevention of further disruption.… Continue reading Moneris Hacked, Medusa Ransomware Claims

LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

50 GB of Boeing Data Leaked Days After Attack LockBit Ransomware

In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. It resulted in the exposure of a staggering 50 gigabytes of sensitive data. The breach came to light on November 15, 2023, as LockBit made good on its threat. They published Boeing’s confidential information after… Continue reading LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

Boeing Hack Confirmed, LockBit Group Resposible

6 days past the listing on the Darknet site, Boeing confirms the ransomware attack

Boeing, a major aircraft manufacturer and aerospace & defence contractor in the US, has confirmed the ransomware attack. A week before, on October 27, it was listed by LockBit ransomware on their Darknet site. Now, Reuters agency has confirmed that the incident was real. Boeing Hacked by LockBit On October 27, 2023, LockBit cybercrime group… Continue reading Boeing Hack Confirmed, LockBit Group Resposible

Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Octo Tempest stands as one of the most perilous financial hacking groups in the cybersecurity landscape, posing significant threats to organizations worldwide.

Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months… Continue reading Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Ragnar Locker Ransomware Shutdown, Infrastructure Seized

RagnarLocker ransomware group have likely faced their Ragnarok, arranged by Europol

On October 19, 2023, a group of international law enforcement orgs claimed the seizure of server infrastructure of the Ragnar ransomware gang. This appears to be a new trend, as it is the third widely-discussed infrastructure seizure over the last 2 months. What is the Ragnar ransomware group? Ragnar a.k.a.Ragnar_Locker or RagnarLocker is a cyber… Continue reading Ragnar Locker Ransomware Shutdown, Infrastructure Seized

Trigona Ransomware Hacked by Ukrainian Cyber Alliance

Hackers rarely expect a threat from other hackers - and that's a pretty hazardous misconception

Trigona ransomware, a novice threat actor active since late 2022, got its servers “exfiltrated and wiped” by Ukrainian Cyber Alliance (UCA). White hat hackers also claim about the backups of Trigona’s network infrastructure being wiped. What is Trigona Ransomware? Trigona is a relatively new ransomware actor, active for around a year at the moment (since… Continue reading Trigona Ransomware Hacked by Ukrainian Cyber Alliance

Redline and Vidar Stealers Switch to Ransomware Delivery

In addition to spreading stealer malware, hackers started to deploy ransomware through the same channels

Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same spreading techniques as they used to deliver their spyware. Meanwhile, the process of ransomware enrollment is rather unusual and is full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer… Continue reading Redline and Vidar Stealers Switch to Ransomware Delivery