The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA) in place to stop the attackers, despite previous warnings about these risks. This is according to a British Library report that sheds new light on the October 2023 attack, which shut down digital services and […]
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks Pierluigi Paganini March 11, 2024 BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by […]
Mar 11, 2024NewsroomRansomware / Vulnerability The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident “began with the exploitation of a TeamCity server which resulted in the […]
The city of Hamilton, Canada, is recovering from a ransomware attack that has disrupted online government services, forcing residents to use cash transactions and manual methods for payments.
The Duvel Moortgat Brewery in Belgium was hit by a ransomware attack, causing the halt of beer production in their bottling facilities. The company’s IT systems detected the attack, leading to an immediate stop in production.
Capita, the British outsourcing company hit by a ransomware attack last March, has reported losing more than £106.6 million ($135.5 million) over the last year — roughly a quarter of which was directly caused by the incident. The company had initially said it expected the incident to cost up to £20 million ($25.4 million) to […]
Several of the law enforcement agencies involved in the takedown of one of the most prolific ransomware groups denied involvement in a new notice posted to the gang’s leak site — adding weight behind rumors from experts and cybercriminals that the group was attempting to carry out an elaborate exit scam. The U.S. Justice Department, […]
Mar 06, 2024NewsroomCyber Crime / Ransomware The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. “ALPHV/BlackCat did not get seized. They are exit scamming their affiliates,” security researcher Fabian Wosar said. “It is blatantly obvious when you […]
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. “GhostLocker and Stormous ransomware […]