The Cyber Express
Ransomware Group LockBit Claims Responsibility for Cannes Hospital Cyberattack
The LockBit ransomware group has allegedly claimed responsibility for an earlier Cannes Hospital cyberattack impacting the Cannes Simone Veil Hospital
CyberNews
LockBit bungles attempt to rebrand as DarkVault
The LockBit cybercriminal outfit appears to be planning a ransomware rebrand as the DarkVault, discovered after LockBit seemingly bungled the new website’s design.
SC Magazine
LockBit copycat DarkVault spurs rebranding rumor
Several impersonators have used LockBit’s branding and leaked builder in their attacks.
Infosecurity News
Change Healthcare Hit By Cyber Extortion Again
RansomHub has surfaced threatening to expose stolen data unless another ransom is paid
The Cyber Express
RansomHub Claims Access to Stolen Change Healthcare Data in Apparent ALPHV Affiliate Move
Security researchers recently found a new twist in the ongoing saga of the Change HealthCare data breach. The RansomHub ransomware
CyberNews
Duty Free Americas claimed by Black Basta ransom group
Tax-free luxury travel retail chain Duty Free Americas is one of a dozen new ransomware victims claimed by the BlackBasta group on their dark leak page.
CyberNews
Rhysida ransom gang sells child patient data
Ransomware group Rhysida plumbed new lows with the declaration that it has sold data it stole from a US children’s hospital.
The Cyber Express
Authorities Strike: ALPHV/BlackCat’s New Leak Site Allegedly Confiscated by Law Enforcement
In a significant development, law enforcement has allegedly seized the newly established ALPHV/BlackCat leak site, dealing a blow to the
The Cyber Express
BlackCat Ransomware Gang Behind Change Healthcare Cyberattack, Optum Confirms
Change Healthcare, a major entity in the US healthcare sector, has confirmed being targeted by hacker collective ALPHV/Blackcat. "Change Healthcare
The Cyber Express
Audacious Attacks, Evading Answers: Why LockBit, BlackCat Targeting US Healthcare?
In a world where technology and healthcare collide, a disturbing pattern has emerged: cyberattacks on hospitals in the United States
The Cyber Express
LockBit 4.0: Rebooting a Ransomware Empire – Can the FBI Contain the Resurgent Threat?
LockBit 4.0 has made a surprising return, defying expectations following a recent crackdown by law enforcement that severely hampered their
The Cyber Express
LockBit 4.0: Rebooting a Ransomware Empire – Can the FBI Contain the Resurgent Threat?
LockBit 4.0 has made a surprising return, defying expectations following a recent crackdown by law enforcement that severely hampered their
CyberNews
LockBit back online, already targeting hospitals with ransomware
The LockBit ransom gang is back up since global police allege it decimated the group’s infrastructure and claimed the Ernest Health hospital network as its latest victim.
Security Affairs
LockBit is back and threatens to target more government organizations - Security Affairs
The LockBit gang is back and set up a new infrastructure after the recent attempt by law enforcement to disrupt their operation.
The Cyber Express
Operation Cronos: Law Enforcement Clamps Down on LockBit Network, Freezing $113M in Bitcoin
In the wake of the comprehensive LockBit takedown by law enforcement agencies, the aftermath has been significant. Subsequent to the
Security Affairs
Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric
The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric.
The Cyber Express
Trans-Northern Pipelines, SouthState Bank Hit in Suspected Cyberattack
In a wave of cyber intrusions reverberating across international borders, several prominent institutions, including Trans-Northern Pipelines, SouthState Bank, a French
SecurityWeek
Clorox Says Cyberattack Costs Exceed $49 Million
Cleaning products maker Clorox puts the impact of the damaging cyberattack at $49 million so far and expects to incur more costs in 2024.
Infosecurity News
CI/CD at Risk as Exploits Released For Critical Jenkins Bug
Customers are urged to patch now after exploits are released for critical vulnerability in Jenkins
The Cyber Express
Capital Health Hit by Cyberattack: Traces of LockBit Foul Play Emerge
Capital Health, a prominent healthcare organization based in New Jersey, recently faced a significant cybersecurity incident resulting in network outages
The Cyber Express
FBI Cracks BlackCat Ransomware Network, Offers Lifeline to 500+ Global Victims
FBI Takes Down BlackCat/Alphv Ransomware! The U.S. Department of Justice (DOJ) recently announced a major breakthrough in cybersecurity efforts with
The Cyber Express
Ransom Paid, Yet Struck Again: Henry Schein Hit by Third Cyberattack
The latest cyberattack on Henry Schein serves as a reminder that succumbing to the demands of cybercriminals is never the
The Cyber Express
NoEscape Ransomware Group Strikes Again, Claims Science History Institute Data Breach
NoEscape ransomware group has listed Science History Institute on its dark web portal. Science History Institute shares stories of significant
CyberSecurity Dive
Fidelity National Financial investigating cyberattack that led to service disruption
AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.
CyberNews
MadCat ransom gang caught stealing from other criminals
New ransomware linked by security researchers to suspected scammers who pretended to sell passport details on the dark web.
CyberSecurity Dive
Dragos again targeted by ransomware group, this time from AlphV
The industrial cybersecurity specialist previously thwarted a shakedown attempt in May and says the current threat has not been substantiated.
CyberSecurity Dive
CitrixBleed sparks race to patch, hunt for malicious activity
CISA urged organizations to patch, mitigate and report any positive findings as Citrix NetScaler ADC and NetScaler Gateway users remain exposed to session hijack.
Bleeping Computer
BlackCat ransomware claims breach of healthcare giant Henry Schein
The BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information.
CyberSecurity Dive
Five Guys discloses hack of 2 employees’ emails
The disclosure comes weeks after the company agreed to settle a federal class action suit stemming from a 2022 attack.
The Record
Dallas County confirms cybersecurity 'incident' after ransomware gang claims attack
On Saturday, the Play ransomware gang posted the county to its leak site, claiming to have stolen an undisclosed amount of data.
CyberNews
Curve Finance suffers second crypto cyberattack
Stablecoin trader hacked again and is being drained of money by an unknown threat actor, cybersecurity analysts are claiming.
The Record
TV advertising sales giant affected by ransomware attack
Ampersand — co-owned by Comcast Corporation, Charter Communications and Cox Communications — confirmed it had dealt with a ransomware incident but declined to say when the attack occurred or whether a ransom would be paid.
Bleeping Computer
ALPHV ransomware gang claims attack on Florida circuit court
The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial Circuit) last week.
The Record
Rhysida ransomware gang claims attacks on governments in Portugal, Dominican Republic
A notorious ransomware gang has claimed attacks against two government institutions this week, both of which confirmed they faced a range of issues due to the incidents.
The Record
Product leasing giant warns that sensitive information was stolen during cyberattack
Progressive Leasing is investigating a cyberattack and said there had been no “major” operational impacts to its services.
The Record
French town of Sartrouville recovering from cyberattack claimed by ransomware gang
The French town of Sartrouville is recovering from a cyberattack that limited services and has been claimed by a ransomware group.
The Record
Ransomware gang threatens Raleigh Housing Authority months after devastating attack
A ransomware gang has started posting sensitive personal information connected to a devastating attack on the Raleigh Housing Authority (RHA) that disrupted the organization for weeks in May.
Infosecurity News
Clop Gang Offers Data Downloads Via Torrents
Latest innovation designed to speed up download process
Bleeping Computer
Clop ransomware now uses torrents to leak data and evade takedowns
The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks.
CSO
Vast majority of organizations are no longer vulnerable to MOVEit
Organizations are remediating MOVEit vulnerabilities 21 times faster compared wit other vulnerabilities, according to research by Bitsight.
The Record
Yamaha confirms cyberattack after multiple ransomware gangs claim attacks
Yamaha’s Canadian music division confirmed that it recently dealt with a cyberattack after two different ransomware groups claimed to have attacked the company.
Bleeping Computer
Clop now leaks data stolen in MOVEit attacks on clearweb sites
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom.
Infosecurity News
Estee Lauder Breached by Two Ransomware Groups
Cosmetics giant confirms data was taken
The Record
Tampa hospital says sensitive data of 1.2 million stolen in failed ransomware attack
One of the largest hospitals in Florida said hackers stole the sensitive data of more than 1.2 million patients during an attempted ransomware attack in May.
The Record
Three new MOVEit bugs spur CISA warning as more victims report breaches
The federal government warned on Friday that three new vulnerabilities have been discovered in the MOVEit file transfer software — a tool that has been at the center of hundreds of breaches announced over the last month.
Cyber Security News
Reddit Hackers Threaten to Leak 80GB of Stolen Data
Reddit Hackers Threaten to Leak 80GB of Stolen Data through this phishing attempt to obtain internal documents.
Bleeping Computer
Reddit hackers threaten to leak data stolen in February breach
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
Bleeping Computer
BlackCat ransomware gang behind Reddit breach from February
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
Security Affairs
BlackCat claims the hack of the Casepoint legal technology platform used by US agencies
The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. The cybersecurity researcher Dominic Alvieri first noticed that the BlackCat ransomware gang added the company Casepoint to the list of victims on its Tor Dark Web site. Casepoint provides a leading legal discovery platform used by […]
Bleeping Computer
Capita warns customers they should assume data was stolen
Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected its systems in early April.
DarkReading
BlackCat Trolls Western Digital With Leaked Response Meeting Image
The ransomware group adds in personal insults to ratchet up pressure on Western Digital threat hunters.
Bleeping Computer
Hackers leak images to taunt Western Digital's cyberattack response
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach.
Cyber Security News
Yellow Pages Hack - Ransomware Gang Leaks Sensitive Data
As per reports, Yellow Pages Group, the Canadian Directory Publisher, has been attacked by the Black Basta Ransomware Group.
Infosecurity News
Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit
The unauthorized third party stole employee and business customers' data
Bleeping Computer
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend.
Bleeping Computer
Capita confirms hackers stole data in recent cyberattack
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.
CyberSecurity Dive
NCR in recovery as ransomware disrupts widely used point-of-sale system
In-restaurant purchases are still being processed on NCR Aloha, but other capabilities and business processes remain down, the company said Monday.
Bleeping Computer
NCR suffers Aloha POS outage after BlackCat ransomware attack
NCR is suffering an outage on its Aloha point of sale platform after being hit by an ransomware attack claimed by the BlackCat/ALPHV gang.
DataBreaches
A short-lived BlackCat listing suggests NCR’s customers’ networks were accessed
It’s been more than a decade since DataBreaches covered any significant data breach involving the Aloha POS system, and back then it was owned by Radiant...
Security Affairs
City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day
Clop ransomware gang added City of Toronto to the list of its victims, it is another organization compromised by exploiting GoAnywhere zero-day. Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability in the […]
Security Affairs
City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day
Clop ransomware gang added the City of Toronto to the list of its victims, it is another organization compromised by exploiting GoAnywhere zero-day. Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability in […]
Bleeping Computer
City of Toronto confirms data theft, Clop claims responsibility
City of Toronto is among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree. Other victims listed alongside the Toronto city government include UK's Virgin Group and the statutory corporation, Pension Protection Fund.
Bleeping Computer
Play ransomware claims disruptive attack on City of Oakland
The Play ransomware gang has taken responsibility for a cyberattack on the City of Oakland that has disrupted IT systems since mid-February.
Bleeping Computer
TELUS investigating leak of stolen source code, employee data
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently shared screenshots apparently showing private source code repositories and payroll records held by the company.
Bleeping Computer
Hackers use fake ChatGPT apps to push Windows, Android malware
Threat actors are actively exploiting the popularity of OpenAI's ChatGPT AI tool to distribute Windows malware, infect Android devices with spyware, or direct unsuspecting victims to phishing pages.
Bleeping Computer
Ransomware hits Technion university, protests tech layoffs and Israel
A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading research universities. The ransom note posted by DarkBit is littered with messaging protesting tech layoffs and promoting anti-Israel rhetoric, as well as the group demanding a $1.7 million payment.
Bleeping Computer
Ransomware hits Technion university to protest tech layoffs and Israel
A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading research universities. The ransom note posted by DarkBit is littered with messaging protesting tech layoffs and promoting anti-Israel rhetoric, as well as the group demanding a $1.7 million payment.
Bleeping Computer
Drug distributor AmerisourceBergen confirms security breach
Pharmaceutical distributor AmerisourceBergen confirmed that hackers compromised the IT system of one of its subsidiaries after threat actors began leaking allegedly stolen data.
Bleeping Computer
LockBit ransomware gang claims Royal Mail cyberattack
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "severe service disruption."
Infosecurity News
Qbot Overtakes Emotet in December 2022's Most Wanted Malware List
The findings come from Check Point Software's latest Global Threat Index report
Security Affairs
Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care
The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. Consulate Health Care is a leading provider of senior healthcare services, specializing in post-acute care. The Hive ransomware gang this week added the company to its Tor leak site, threatening to publish the stolen […]
Bleeping Computer
Chick-fil-A investigates reports of hacked customer accounts
American fast-food restaurant chain Chick-fil-A is investigating what it described as "suspicious activity" linked to some of its customers' accounts.
SecurityWeek
Play Ransomware Group Used New Exploitation Method in Rackspace Attack
The recent ransomware attack targeting Rackspace was conducted by the Play group using a new exploitation method named OWASSRF.
Infosecurity News
New Phishing Campaign Targets Cybersecurity Professionals Using Hacking Tool Flipper Zero
The threat actor is using an angler phishing technique to leverage the shortage of the popular hacking tool
Bleeping Computer
Ongoing Flipper Zero phishing attacks target infosec community
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency.
DarkReading
Holiday Spirit? LockBit Gives Children's Hospital Free Decryptor
The Russian-speaking cybercrime gang said an affiliate violated its rules against attacks that could lead to bodily harm for medical patients.
CSO
LockBit apologizes for ransomware attack on hospital, offers decryptor
The LockBit ransomware-as-a-service operation said it is against its rules to attack medical institutions, but the ransomware gang's affiliates do not always adhere to this policy.
Bleeping Computer
Ransomware gang apologizes, gives SickKids hospital free decryptor
The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children (SickKids), saying one of its members violated rules by attacking the healthcare organization.
Security Affairs
An initial access broker claims to have hacked Deutsche Bank
An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor (0x_dump) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. The security researcher Dominic Alvieri was one of the first experts […]
DataBreaches
Snatch adds — and then deletes — Wisconsin school district from leak site
Yesterday morning, DataBreaches observed that Snatch Team had added Kenosha Unified School District in Wisconsin to its leak site, but had not added any actual...
Bleeping Computer
US airports taken down in DDoS attacks by pro-Russian hackers
The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service (DDoS) attacks against the websites of several major airports in the U.S., making them unaccessible.
Bleeping Computer
US airports' sites taken down in DDoS attacks by pro-Russian hackers
The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service (DDoS) attacks against the websites of several major airports in the U.S., making them unaccessible.
Security Affairs
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest ransomware operators published a notice announcing the sale of “South Africa Electricity company’s root access” for $125,000. Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more […]
Bleeping Computer
Hive ransomware claims cyberattack on Bell Canada subsidiary
The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS).
CyberNews
LockBit hit by DDoS after Entrust hack | Cybernews
A notorious ransomware gang, LockBit, suspects IT giant Entrust is behind a recent DDoS attack that knocked Lockbit's data leak site offline.
Security Affairs
Lockbit leak sites hit by mysterious DDoS attack after Entrust hack
LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp., provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. The Lockbit ransomware […]
Bleeping Computer
LockBit ransomware blames Entrust for DDoS attacks on leak sites
The LockBit ransomware operation's data leak sites have been shut down over the weekend due to a DDoS attack telling them to remove Entrust's allegedly stolen data.
SecurityWeek
Ransomware Group Threatens to Leak Data Stolen From Security Firm Entrust
Hackers using the LockBit ransomware have taken credit for the attack on cybersecurity firm Entrust and they are threatening to leak stolen data.
Bleeping Computer
LockBit claims ransomware attack on security giant Entrust
The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust.
SecurityWeek
Data Stolen in Breach at Security Company Entrust
Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files.
Cyber Security News
Security Giant Entrust Breached - Hackers Stole Data
Entrust, a big name in digital security, announced recently on its website that it has been attacked by hackers. During this attack, hackers breached their firewalls and stole data from their internal systems through breaches in their network.
ThreatPost
Lapsus$ ‘Back from Vacation’
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers' DevOps platforms – to its hit list.
Ars Technica
First Microsoft, then Okta: New ransomware gang posts data from both
If you haven't heard of Lapsus$, you have now. It probably won't be the last time.