️
#LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. #ransomwaregroup #dataleaking https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/
#RansomwareGroup
0 posts0 participants0 posts today
#Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows. #ransomwaregroup #CyberSecurity https://www.bleepingcomputer.com/news/security/ransomware-gang-encrypted-network-from-a-webcam-to-bypass-edr/
BleepingComputer · Ransomware gang encrypted network from a webcam to bypass EDR
New research has uncovered further links between the #BlackBasta and #Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the #BackConnect proxy malware for post-exploitation access to corporate networks. #ransomwaregroup https://www.bleepingcomputer.com/news/security/microsoft-teams-tactics-malware-connect-black-basta-cactus-ransomware/
BleepingComputer · Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation.
#BlackBasta #RansomwareGroup
#Cybersecurity
https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-s-internal-chat-logs-leak-online/
BleepingComputer · Black Basta ransomware gang's internal chat logs leak online
The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. #LockBit #ransomwaregroup https://www.bleepingcomputer.com/news/security/us-sanctions-lockbit-ransomwares-bulletproof-hosting-provider/
BleepingComputer · US sanctions LockBit ransomware’s bulletproof hosting provider
The U.S. Justice Department announced the names of two Phobos ransomware affiliates arrested yesterday in Thailand, charging them on 11 counts due to their involvement in more than a thousand cyberattacks. #ransomwaregroup https://www.bleepingcomputer.com/news/security/us-indicts-8base-ransomware-operators-for-phobos-encryption-attacks/
BleepingComputer · US indicts 8Base ransomware operators for Phobos encryption attacks
A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. #ransomwaregroup https://www.bleepingcomputer.com/news/legal/police-arrests-4-phobos-ransomware-suspects-seizes-8base-sites/
BleepingComputer · Police arrests 4 Phobos ransomware suspects, seizes 8Base sites
A dual Russian-Israeli national charged as the mastermind behind LockBit ransomware—a cyber weapon that caused chaos across 120+ countries and left $500M in illicit profits.
#LockBit #ransomwaregroup
Explore the full story of LockBit’s rise and fall: https://thehackernews.com/2024/12/lockbit-developer-rostislav-panev.html
The #Clop ransomware gang has confirmed to #BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. #RansomwareAttack #ransomwaregroup
https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks/
BleepingComputer · Clop ransomware claims responsibility for Cleo data theft attacks
The Romanian National Cybersecurity Directorate (DNSC) says the #Lynx ransomware gang breached Electrica Group, one of the largest electricity suppliers in the country. #ransomwaregroup #cybercrime
https://www.bleepingcomputer.com/news/security/lynx-ransomware-behind-electrica-energy-supplier-cyberattack/
BleepingComputer · Lynx ransomware behind Electrica energy supplier cyberattack
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service ( #SaaS ) provider Blue Yonder. #ransomwaregroup
#cyberattacks https://www.bleepingcomputer.com/news/security/blue-yonder-saas-giant-breached-by-termite-ransomware-gang/
BleepingComputer · Blue Yonder SaaS giant breached by Termite ransomware gang
Analysing the cultural dimensions of cybercriminal groups -- A case study on the Conti ransomware group
#ransom #culture #cybercrime #research #conti #ransomware #RansomwareGroup
arXiv.orgAnalysing the cultural dimensions of cybercriminal groups -- A case study on the Conti ransomware groupCybercriminal profiling and cyber-attack attribution have been elusive goals world-wide, due to their effects on societal and geopolitical balance and stability. Attributing actions to a group or state is a complex endeavour, with traditional established approaches including cyber threat intelligence and analysis of technical means such as malware analysis, network forensics and geopolitical intelligence. However, we propose an additional component for profiling threat actor groups through analysing cultural aspects of human behaviours and interactions. We utilise a set of variables which determine characteristics of national and organisational culture to create a cultural "footprint" of cybercriminal groups. As a case study, we conduct thematic analysis across the six dimensions of the Hofstede national culture classification and the eight dimensions of the Meyer classification on leaked internal communications of the ransomware group Conti. We propose that a systematic analysis of similar communications can serve as a practical tool for a) understanding the modus operandi of cybercrime and cyberwarfare-related groups, and b) profiling cybercriminal groups and/or nation-state actors. Insights from such applications can, first, assist in combating cybercrime and, second, if combined with additional cyber threat intelligence, can provide a level of confidence in nuanced cyber-attack attribution processes.
#NorthKorean state-sponsored hacking #APT group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. #RansomwareGroup
#CyberAttacks https://www.bleepingcomputer.com/news/security/north-korean-govt-hackers-linked-to-play-ransomware-attack/
BleepingComputer · North Korean govt hackers linked to Play ransomware attack
The #BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. #ransomwaregroup #cyberattacks https://www.bleepingcomputer.com/news/security/black-basta-ransomware-poses-as-it-support-on-microsoft-teams-to-breach-networks/
BleepingComputer · Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Ransomware gangs now abuse Microsoft Azure tool for data theft - #ransomwaregroup #cyberattacks https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-abuse-microsoft-azure-tool-for-data-theft/
Port of Seattle hit by #Rhysida ransomware in August attack #RansomwareGroup #cyberattacks https://www.bleepingcomputer.com/news/security/port-of-seattle-says-rhysida-ransomware-was-behind-august-attack/
#Cyberattack Alert Update 
#BlackSuit ransomware group leaks the exfiltrated files from KADOKAWA once again, this time with additional data, as indicated by the upload date of September 10th.
Last August, the cybercriminal group warned the company that they would be attacked again.
#OpIsraelV2 #RansomwareGroup
#RansomHub has compromised data from over 210 victims across critical sectors, using double extortion and intermittent encryption to challenge cybersecurity teams.
https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html
The Hacker NewsRansomHub Ransomware Group Targets 210 Victims Across Critical SectorsRansomHub ransomware group targets 210 victims across critical sectors. US government warns of rising attacks on infrastructure using advanced tactics
The threat actors behind #BlackBasta ransomware have been making changes to their initial access vectors, becoming less reliant on email-related techniques and employing methods such as SEO poisoning and malvertising in some campaigns. #CyberAttack #RansomwareGroup https://thecyberwire.com/podcasts/microsoft-threat-intelligence/26/notes
The CyberWire · Black Basta and the Use of LLMs by Threat Actors
According to a recent report, the AzzaSec Ransomware, developed by the #AzzaSec Hacktivist Group, is a grave cybersecurity threat, featuring sophisticated and undetected capabilities. It's disseminated through phishing attacks and can evade security measu… #RansomwareGroup
https://threatmon.io/blog/darkwebs-new-favorite-azzasec-ransomware/
ThreatMon Blog · Darkweb’s New Favorite: AzzaSec RansomwareAzzaSec Ransomware, developed by the AzzaSec Hacktivist Group, represents a significant cybersecurity threat due to its sophisticated features and destructive