Subway's data torpedoed by LockBit, ransomware gang claims Fast food chain could face a footlong recovery process if allegations are true Cyber-crime22 Jan 2024 | 8
Thieves steal 35.5M customers’ data from Vans sneakers maker But what kind of info was actually compromised? None of your business Cyber-crime19 Jan 2024 | 8
Ransomware attacks hospitalizing security pros, as one admits suicidal feelings Untold harms of holding the corporate perimeter revealed in extensive series of interviews Cyber-crime18 Jan 2024 | 23
Be honest. Would you pay off a ransomware crew? Kettle Today us vultures are debating bans on ransom payments, deplorable tactics by extortionists, and more Cyber-crime10 Jan 2024 | 37
Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse Posing as cyber samaritans, scumbags are kicking folks when they're down Cyber-crime10 Jan 2024 | 2
And that's a wrap for Babuk Tortilla ransomware as free decryptor released Experts' job made 'straightforward' by crooks failing to update encryption schema after three years Research09 Jan 2024 | 3
British Library: Finances remain healthy as ransomware recovery continues Authors continue to lose out on owed payments as rebuild of digital services drags on Cyber-crime08 Jan 2024 | 16
Ransomware payment ban: Wrong idea at the wrong time Opinion Won't stop the chaos, may lead to attacks with more dire consequences CSO06 Jan 2024 | 130
As lawmakers mull outlawing poor security, what can they really do to tackle online gangs? Comment Headline-grabbing takedowns are nice, but long-term solutions require short-term sacrifices Cyber-crime04 Jan 2024 | 19
Freight giant Estes refuses to deliver ransom, says personal data opened and stolen Pay up, or just decline to submit Cyber-crime03 Jan 2024 | 5
Formal ban on ransomware payments? Asking orgs nicely to not cough up ain't working With the average demand hitting $1.5 million, something's gotta change Security03 Jan 2024 | 72
A tale of 2 casino ransomware attacks: One paid out, one did not Feature What can be learned from MGM's and Caesars' infosec moves CSO28 Dec 2023 | 64
Cyber sleuths reveal how they infiltrate the biggest ransomware gangs Feature How do you break into the bad guys' ranks? Master the lingo and research, research, research Cyber-crime22 Dec 2023 | 14
FBI develops decryptor for BlackCat ransomware, seizes gang's website Updated Crims laugh it off and resume their activity Cyber-crime19 Dec 2023 | 5
MongoDB warns breach of internal systems exposed customer contact info Infosec in brief PLUS: Cancer patients get ransom notes for Christmas, Delta Dental is the latest MOVEit victim, and critical vulns Security18 Dec 2023 | 2
Kraft Heinz suggests we simmer down about Snatch ransomware attack claims Ah, beans Cyber-crime15 Dec 2023 | 17
UK government woefully unprepared for 'catastrophic' ransomware attack Extortionware 'relentlessly deprioritized' and even King Charles seems oblivious to danger, scathing report finds Public Sector14 Dec 2023 | 44
2.5M patients infected with data loss in Norton Healthcare ransomware outbreak AlphV lays claims to the intrusion Security11 Dec 2023 | 6
BlackCat ransomware crims threaten to directly extort victim's customers Accounting software firm Tipalti says it’s investigating alleged break-in of its systems Cyber-crime05 Dec 2023 | 4
Scores of US credit unions offline after ransomware infects backend cloud outfit Supply chain attacks: The gift that keeps on giving Cyber-crime02 Dec 2023 | 17
US readies prison cell for another Russian Trickbot developer Hunt continues for the other elusive high-ranking members Cyber-crime01 Dec 2023 | 3
Black Basta ransomware operation nets over $100M from victims in less than two years Assumed Conti offshoot averages 7 figures for each successful attack but may have issues with, er, 'closing deals' Cyber-crime30 Nov 2023 | 3
British Library begins contacting customers as Rhysida leaks data dump CRM databases were accessed and library users are advised to change passwords Cyber-crime29 Nov 2023 | 5
Europol shutters ransomware operation with kingpin arrests A few low-level stragglers remain on the loose, but biggest fish have been hooked Cyber-crime28 Nov 2023 | 4
Leader of pro-Russia DDoS crew Killnet 'unmasked' by Russian state media Infosec in Brief Also: NXP China attack, Australia can't deliver on ransom payment ban (yet), and Justin Sun's very bad month Security27 Nov 2023 | 11
Ransomware-hit British Library: Too open for business, or not open enough? Opinion Unique institutions need unique security. Instead, they're fobbed off with the same old, same old Cyber-crime27 Nov 2023 | 26
BlackCat claims it is behind Fidelity National Financial ransomware shakedown One of US's largest underwriters forced to shut down a number of key systems Cyber-crime23 Nov 2023 | 1
Attack on direct debit provider London & Zurich leaves customers with 6-figure backlogs Customers complain of poor comms during huge outage that’s sparked payroll fears Cyber-crime23 Nov 2023 | 15
Third-party data breach affecting Canadian government could involve data from 1999 Any govt staffers who used relocation services over past 24 years could be at risk Cyber-crime21 Nov 2023 | 5
Rhysida ransomware gang: We attacked the British Library Crims post passport scans and internal forms up for 'auction' to prove it Cyber-crime20 Nov 2023 | 29
Your password hygiene remains atrocious, says NordPass Infosec in brief ALSO: FCC cracks down on SIM-swap scams, old ZeroLogon targeted by new ransomware, and critical vulnerabilities Security20 Nov 2023 | 57
LockBit redraws negotiation tactics after affiliates fail to squeeze victims Cybercrime group worried over dwindling payments ... didn't they tell them to Always Be Closing? Cyber-crime17 Nov 2023 | 32
How much to clean up a ransomware infection? For Rackspace, about $11M And that's not counting the incoming lawsuits. Thank goodness for insurance, eh? CSO16 Nov 2023 | 7
BlackCat plays with malvertising traps to lure corporate victims Updated Ads for Slack and Cisco AnyConnect actually downloaded Nitrogen malware Research16 Nov 2023 | 1
Royal Mail’s recovery from ransomware attack will cost business at least $12M First time hard figure given on recovery costs for January incident Cyber-crime16 Nov 2023 | 6
Clorox CISO flushes self after multimillion-dollar cyberattack Plus: Ransomware crooks file SEC complaint against victim CSO16 Nov 2023 | 23
Ransomware more efficient than ever, and baddies are still after your logs Trying times for incident responders who battle fastest-ever ransomware blitz as attackers keep scrubbing evidence clean Research15 Nov 2023 | 3
Ransomware royale: US confirms Royal, BlackSuit are linked Royal alone scored $275M in past year as FBI, other agencies hot on merging trail Cyber-crime14 Nov 2023 | 1
Royal Mail cybersecurity still a bit of a mess, infosec bods claim Infosec in brief Also: Most Mainers are MOVEit victims, NY radiology firm fined for not updating kit, and some critical vulnerabilities Security13 Nov 2023 | 8
Impatient LockBit says it's leaked 50GB of stolen Boeing files after ransom fails to land Aerospace titan pores over data to see if dump is legit Cyber-crime10 Nov 2023 | 29
Strangely enough, no one wants to buy a ransomware group that has cops' attention Ransomed.vc shuts after 20% discount fails to entice bids Cyber-crime10 Nov 2023 | 5
China's top bank ICBC hit by ransomware, derailing global trades CitrixBleed patch has been available for around a month Security10 Nov 2023 | 7
MOVEit cybercriminals unearth fresh zero-day to exploit on-prem SysAid hosts Second novel zero-day exploited by Lace Tempest this year offers notable demonstration of skill, especially for a ransomware affiliate Cyber-crime09 Nov 2023 |
Atlassian cranks up the threat meter to max for Confluence authorization flaw Attackers secure admin rights after vendor said they could only steal data Cyber-crime08 Nov 2023 | 10
US slaps sanctions on accused fave go-to money launderer of Russia's rich And that includes ransomware crims, claims US of alleged sanctions-buster Cyber-crime06 Nov 2023 | 9
Critical Apache ActiveMQ flaw under attack by 'clumsy' ransomware crims Over a week later and barely any patches for the 10/10 vulnerability have been applied Cyber-crime02 Nov 2023 | 4
Ransomware crooks SIM swap medical research biz exec, threaten to leak stolen data Advarra probes intrusion claims, says 'the matter is contained' Cyber-crime01 Nov 2023 | 6
Get your very own ransomware empire on the cheap, while stocks last RansomedVC owner takes to Telegram to flog criminal enterprise Cyber-crime01 Nov 2023 | 5
US officials close to persuading allies to not pay off ransomware crooks 'We're still in the final throes of getting every last member to sign' Cyber-crime31 Oct 2023 | 21
'Mass exploitation' of Citrix Bleed underway as ransomware crews pile in At least two extortion gangs abusing CVE-2023-4966, we're told Cyber-crime31 Oct 2023 | 3
Stanford schooled in cybersecurity after Akira claims ransomware attack This marks the third criminal intrusion at the institution in as many years Cyber-crime30 Oct 2023 | 3
Microsoft unveils shady shenanigans of Octo Tempest and their cyber-trickery toolkit Gang thought to be behind attack on MGM Resorts has a skillset larger than most cybercrime groups in existence Research27 Oct 2023 | 1
Seiko watches 60K personal data records tick away in BlackCat ransomware heist Investigations ongoing as full extent of July breach is questioned Cybersecurity Month25 Oct 2023 |
Hunters International leaks pre-op plastic surgery pics in negotiation no-no No honor among thieves as group denies Hive ransomware links Cyber-crime25 Oct 2023 | 6
Europol knocks RagnarLocker offline in second major ransomware bust this year Group will be remembered as staunch negotiator and a bullier of critical infrastructure orgs Cyber-crime19 Oct 2023 |
Malware crooks find an in with fake browser updates, in case real ones weren't bad enough Researchers say ransomware could be on the horizon if success continues Cybersecurity Month18 Oct 2023 | 2
We're not in e-Kansas anymore: State courts reel from 'unauthorized incursion' Fax, post, and human messengers can still be used for filing vital evidence Cyber-crime16 Oct 2023 | 4
Regulator, insurers and customers all coming for Progress after MOVEit breach Infosec in brief Also, CISA cataloging new ransomware data points, 17k WP sites hijacked by malware in Sept., and more critical vulns Security16 Oct 2023 | 3
Thwarted ransomware raid targeting WS_FTP servers demanded just 0.018 BTC Early attempt to exploit latest Progress Software bug spotted in the wild Cyber-crime13 Oct 2023 | 7
Everest cybercriminals offer corporate insiders cold, hard cash for remote access The ransomware gang changes identities more than Jason Bourne Research12 Oct 2023 | 9
US construction giant unearths concrete evidence of cyberattack Simpson Manufacturing yanks systems offline, warns of ongoing disruption Cyber-crime12 Oct 2023 | 11
Ransomwared health insurer wasn't using antivirus software PhilHealth blames government procurement rules for license expiry and issues phishing warnings Cybersecurity Month11 Oct 2023 | 15