Cybercriminals have developed an enhanced version of the infamous GhostLocker ransomware that they are deploying in attacks across the Middle East, Africa, and Asia. Two ransomware groups, GhostSec and Stormous, have joined forces in the attack campaigns with double-extortion ransomware attacks using the new GhostLocker 2.0 to infect organizations in Lebanon, Israel, South Africa, Turkey, […]
The website used by the ransomware group believed to be responsible for the breach of one of the United States’s largest health care payment processors went down Friday amid reports that the incident has put major financial pressure on medical providers and made it difficult for consumers to get the medicine they need. It’s not […]
Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO. The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. By: Nathaniel Morales, Katherine Casona, Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Maristel Policarpio, Jacob Santos. March 04, 2024. The RA World […]
The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for the cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites (DLS), according to Group-IB’s Hi-Tech Crime Trends 2023/2024 report. Global threat actors also demonstrated increased interest […]
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, […]
On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware […]
The BlackCat/ALPHV ransomware gang claimed responsibility for a cyberattack on Optum, affecting the Change Healthcare platform and potentially compromising sensitive data of millions of individuals and organizations.
The Black Basta and Bl00dy ransomware gangs are exploiting a critical authentication bypass vulnerability (CVE-2024-1709) in unpatched ScreenConnect servers to gain admin access and deploy ransomware.
A ransomware gang is seeking $3.4 million after attacking a children’s hospital in Chicago, forcing staff to resort to manual processes to provide care to patients. The attack on Lurie Children’s Hospital was announced earlier this month, when officials said they had been forced to take their entire network offline due to an unspecified “cybersecurity […]