Cyber Security News
CISA Warns Of Black Basta Ransomware Attacking 500+ Industries
Black Basta ransomware is used by threat actors because of its powerful abilities and inconspicuous moves.
Security Affairs
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported.
Bleeping Computer
CISA: Black Basta ransomware breached over 500 orgs worldwide
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
Security Affairs
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Infosecurity News
Over 850 Vulnerable Devices Secured Through CISA Ransomware Program
CISA’s RVWP program sent 1754 ransomware vulnerability notifications to government and critical infrastructure entities in 2023, leading to 852 devices being secured
The Cyber Express
CISA Launches Ransomware Vulnerability Warning Pilot to Protect Critical Infrastructure
In response to this growing threat, the Cybersecurity and Infrastructure Security Agency (CISA) has launched the Ransomware Vulnerability Warning Pilot
Cyber Security News
Cyber Security News Weekly Round-Up : Vulnerabilities, Cyber Attacks, Threats & New Cyber Stories
Stay updated with the most recent advancements in the cybersecurity industry with our weekly recap of cybersecurity news.
Cyber Security News
CISA & FBI Releases TTPs & IOCs Used by Phobos Ransomware Group
The FBI, CISA, and MS-ISAC are urging critical infrastructure organizations to be vigilant against Phobos ransomware.
Security Affairs
Security Affairs newsletter Round 461 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
The Week in Ransomware - March 1st 2024 - Healthcare under siege
Ransomware attacks on healthcare over the last few months have been relentless, with numerous ransomware operations targeting hospitals and medical services, causing disruption to patient care and access to prescription drugs in the USA.
The Cyber Express
Audacious Attacks, Evading Answers: Why LockBit, BlackCat Targeting US Healthcare?
In a world where technology and healthcare collide, a disturbing pattern has emerged: cyberattacks on hospitals in the United States
The Cyber Wire
Joint cybersecurity advisory on Phobos ransomware.
Comprehensive guide on mitigating Phobos ransomware threats, issued by the FBI, CISA, and MS-ISAC. This advisory unpacks the tactics, techniques, and procedures (TTPs) of the Phobos ransomware, operating under a Ransomware-as-a-Service (RaaS) model, targeting critical infrastructures since May 2019. Learn about effective strategies to secure RDP ports, remediate vulnerabilities, and implement EDR solutions to safeguard against this evolving cyber threat.
DataBreaches
CISA Alert CodeAA23-353A: ALPHV BlackCat
February 27, 2024: SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network...
The Cyber Express
ALPHV Ransomware Claims Dual Victims, One Confirmed
The ALPHV/BlackCat ransomware group has purportedly claimed two new victims: Verbraucherzentrale Hessen, a consumer advice center in Germany, and Electro
The Cyber Express
ALPHV Ransomware Claims Dual Victims, One Confirmed
The ALPHV/BlackCat ransomware group has purportedly claimed two new victims: Verbraucherzentrale Hessen, a consumer advice center in Germany, and Electro
The Cyber Express
CISA, FBI, and HHS Update Joint Advisory on ALPHV Blackcat Ransomware
In a coordinated effort to address the escalating threat landscape of ransomware, the Cybersecurity and Infrastructure Security Agency (CISA), in
The Cyber Express
CISA, FBI, and HHS Update Joint Advisory on ALPHV Blackcat Ransomware
In a coordinated effort to address the escalating threat landscape of ransomware, the Cybersecurity and Infrastructure Security Agency (CISA), in
CSO
US healthcare alerted against BlackCat amid targeted attacks
BlackCat ransomware gang is using novel infection, encryption, and evasion TTPs to target US healthcare systems.
Security Affairs
Experts released a free decryption tool for Rhysida Ransomware
Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool.
Security Affairs
Rhysida ransomware group hacked Abdali Hospital in Jordan
The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan.
Security Affairs
Security Affairs newsletter Round 451 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Cyber Wire
The ALPHV/BlackCat takedown shuffle.
It's up, maybe it's down, no, for sure it's down, then up again, and finally down. For now.
Krebs on Security
BlackCat Ransomware Raises Ante After FBI Disruption
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released a…
Security Affairs
Rhysida ransomware group hacked King Edward VII’s Hospital
The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London.....................
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Rhysida ransomware gang claimed China Energy hack
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
Infosecurity News
LockBit Affiliates Exploiting Citrix Bleed, Government Agencies Warn
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
DataBreaches
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Release Date: November 21, 2023 Alert Code: AA23-325A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
Security Affairs
Rhysida ransomware gang is auctioning data stolen from the British Library
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
FBI and CISA warn of attacks by Rhysida ransomware gang
The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors.
SecurityWeek
CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware
CISA is now flagging vulnerabilities and misconfigurations that are known to be exploited in ransomware attacks.
DataBreaches
FBI and CISA Release Update on AvosLocker Advisory
The AvosLocker ransomware leak site has not been seen for months, but the government is providing an update on them based on its investigations as recently as...
DataBreaches
#StopRansomware: Snatch Ransomware
There is a new Joint Cybersecurity Advisory issued today. This one is about Snatch Team. Summary: The Federal Bureau of Investigation (FBI) and the...
DataBreaches
Education Sector Heavily Targeted as the School Year Begins
A threat highlight from the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC): Summary As the 2023 school year begins, threat actors are...
Bleeping Computer
FBI confirms BianLian ransomware switch to extortion only attacks
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have published a joint advisory to inform organizations of the latest tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs) of the BianLian ransomware group.
DataBreaches
#StopRansomware: BianLian Ransomware Group
Release Date: May 16, 2023 Alert Code: AA23-136A Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish...
DataBreaches
#StopRansomware: Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit...
Security Affairs
US govt agencies released a joint alert on the Lockbit 3.0 ransomware
The US government released a joint advisory that provides technical details about the operation of the Lockbit 3.0 ransomware gang. The U.S. Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint advisory that provides indicators of compromise (IOCs) and tactics, […]
Bleeping Computer
The Week in Ransomware - March 17th 2023 - Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches.
DataBreaches
CISA Advisory: #StopRansomware: LockBit 3.0
Release Date: March 16, 2023 Alert Code: AA23-075A SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
Naked Security
Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?
Infosecurity News
CISA Warns Against Royal Ransomware in New Advisory
Malicious activity using a particular malware variant has been spotted since September 2022
DataBreaches
CISA Advisory: Royal Ransomware
Release Date: March 02, 2023 Alert Code: AA23-061A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
Infosecurity News
US Warns Critical Sectors Against North Korean Ransomware Attacks
The latest iteration of the document is now analyzing activity by the Maui and H0lyGh0st groups
DataBreaches
CISA Alert (AA23-040A): #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Summary Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various...
Security Affairs
Cuba Ransomware received over $60M in Ransom payments as of August 2022
Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius) have demanded over 145 million U.S. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide […]
DataBreaches
#StopRansomware: Cuba Ransomware
Joint Cybersecurity Advisory Product ID: AA22-335A December 1, 2022 TLP:CLEAR The Federal Bureau of Investigation (FBI) and the Cybersecurity and...
DataBreaches
Alert (AA22-321A) #StopRansomware: Hive Ransomware
CISA has issued an alert about the Hive ransomware group. Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
DataBreaches
CISA Alert: Daixin Team
Alert (AA22-294A) #StopRansomware: Daixin Team Download the PDF version of this report: pdf, 591 KB Technical Details Note:...
DataBreaches
CSA Alert (AA22-249A) #StopRansomware: Vice Society
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various...
DataBreaches
CISA Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known...
DataBreaches
CISA Alert (AA22-181A): MedusaLocker
CISA Alert: (AA22-181A) #StopRansomware: MedusaLocker Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize...
The DFIR Report
2021 Year In Review
As we come to the end of the first quarter of 2022, we want to take some time to look back over our cases from 2021, in aggregate, and look at some of the top tactics, techniques and procedures (TTP's) we observed.
DataBreaches
Ransomware Resources for HIPAA Regulated Entities
The HHS Office for Civil Rights (OCR) is sharing the following information to ensure that HIPAA regulated entities are aware of the resources available to...
Bleeping Computer
The Week in Ransomware - July 16th 2021 - REvil disappears
Ransomware operations have been quieter this week as the White House engages in talks with the Russian government about cracking down on cybercriminals believed to be operating in Russia.