Geek-Guy.com

Category: Ransomware

Auto Added by WPeMatico

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a…

Hacker verschlüsseln Daten von rund 12.000 Patienten

srcset=”https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?quality=50&strip=all 16634w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=768%2C432&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=1024%2C576&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=1536%2C864&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2025/02/shutterstock_2321046757_71010c.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Hacker haben sich Zugriff auf Daten von Tausenden Patienten aus Hamburg verschafft. Inactive design – Shutterstock.com Laut einem Bericht des Hamburger Abendblatt wurde das Praxisinformationssystem der MVZ Herz-Lungen-Praxis…

Army soldier linked to Snowflake attack spree allegedly tried to sell data to foreign spies

U.S. authorities say a 21-year-old U.S. Army soldier attempted to sell stolen sensitive information to a foreign intelligence service as part of a broader effort to extort victims and leak call records of high-ranking public officials. In November while on active duty, Cameron Wagenius made multiple attempts to extort $500,000 from a major telecommunications company…

Orange Group von Datenleck betroffen

Die Orange Group wurde von einer Ransomware-Attacke getroffen. JeanLucIchard – Shutterstock.com Ein Mitglied der Ransomware-Bande HellCat behauptet, rund 6,5 Gigabyte an Daten von der Orange Group gestohlen zu haben. Das erbeutete Datenpacket umfasst demnach 380.000 eindeutige E-Mail-Adressen, Quellcode, Rechnungen, Verträge sowie Kunden- und Mitarbeiterinformationen. Der französische TK-Anbieter bestätigte gegenüber dem Technikmagazin Bleeping Computer, dass es…

Data Theft Drove 94% of Global Cyberattacks in 2024 & Ransomware Defenses are “Increasingly Complex”

Ransomware groups now steal, encrypt, and threaten to leak company data on the dark web, forcing victims to pay or risk exposing sensitive information.

Threat actors are increasingly trying to grind business to a halt

Cybercriminals intentionally disrupted operations at a growing rate last year, Palo Alto Networks’ threat intelligence firm Unit 42 said in an annual incident response report released Tuesday. Of the nearly 500 major cyberattacks Unit 42 responded to last year, 86% involved business disruption, including operational downtime, fraud-related losses, increased operating costs and negative reputational impacts. …

Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors

Cyberattacks against industrial organizations surged in 2024 as a glut of new threat actors increasingly targeted operational technology (OT) and industrial control systems (ICS), according to cybersecurity firm Dragos. According to a report released Tuesday, attacks on industrial organizations soared by 87% last year, while the number of ransomware groups impacting the OT/ICS space jumped…

Stürmer Maschinen von Ransomware-Attacke getroffen

Die Ransomware-Bande Lynx erpresst den Großhändler Stürmer Maschinen mit gestohlenen Daten. DC Studio – Shutterstock.com Die Ransomware-Bande Lynx hat den Maschinengroßhändler Stürmer Maschinen kürzlich auf ihre Opferliste gesetzt. Auf ihrer Leak-Seite im Darknet behaupten die Cyberkriminellen, einen Datensatz von 800 Gigabyte abgezogen zu haben. Um welche Daten es sich dabei genau handelt ist unklar. Informationen…

What defenders are learning from Black Basta’s leaked chat logs

Black Basta’s internal chat logs, which were leaked earlier this month, are providing defenders with actionable intelligence on the ransomware group’s operations, cybercrime experts told CyberScoop.  Researchers sifting through Black Basta’s exposed communications found details about the group’s preferred tools and techniques, including custom malware loaders, indicators of compromise, cryptocurrency wallets and email addresses associated…

Deutscher IT-Dienstleister im Visier von Ransomware-Angreifern

Die Hackerbande Akira soll Daten von InSyst gestohlen haben. Quality Pixel – Shutterstock.com Der IT-Dienstleister InSyst wurde offenbar Ziel einer Ransomware-Attacke. Die Ransomware-Gruppe Akira fügte das Unternehmen kürzlich zu ihrer Opferliste im Darknet hinzu. Die Hacker behaupten, vertrauliche Daten wie NDAs, Führerscheine, Finanzdaten sowie Kontaktdaten von Mitarbeitern und Kunden erbeutet zu haben. Die Angreifer drohen…

Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace

The United States is falling “increasingly behind” its adversaries in cyberspace, a former Cyber Command and National Security Agency boss said Saturday. Speaking at the DistrictCon cybersecurity conference in Washington, D.C., retired Gen. Paul Nakasone said that “our adversaries are continuing to be able to broaden the spectrum of what they’re able to do to…

Ransomware-Attacke auf Gesundheitsdienstleister

Die Ransomware-Gruppe Medusa will den britischen Gesundheitsdienstleister HCRG Care Group um mehr als 2.000 Daten erleichtert haben. Sasun Bughdaryan – Shutterstock.com Die Ransomware-Bande Medusa behauptet in einem Darknet-Post, mehr als 2.000 sensible Datensätze  der HCRG Care Group erbeutet zu haben. Das Unternehmen zählt zu den größten unabhängigen Anbietern von Gesundheits- und Pflegedienstleistungen im Vereinigten Königreich…

Smashing Security podcast #405: A crypto con exchange, and soaring ticket scams

From shadowy Bitcoin exchanges to Interpol’s most wanted, Alexander Vinnik was the alleged kingpin behind BTC-e, a $4bn crypto laundering empire. Learn more about him, and how he became a geopolitical pawn between the US, France, and Russia. Plus! Hear how concert-goers are being warned about a swathe of scams hitting stadiums and arenas around…

GRIT’s 2025 Report: Ransomware Group Dynamics and Case Studies

Ransomware threats continue evolving, with the most successful groups refining their tactics to maximize impact over the last year. Understanding […] The post GRIT’s 2025 Report: Ransomware Group Dynamics and Case Studies appeared first on Security Boulevard.

Smashing Security podcast #404: Podcast not found

The story of how hackers managed to compromise the US Government’s official SEC Twitter account to boost the price of Bitcoins, AI isn’t helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All this and more is discussed in the latest edition of the “Smashing Security” podcast by…

U.S. sanctions bulletproof hosting provider for supplying LockBit infrastructure

A consortium of U.S., Australian and U.K. officials announced coordinated sanctions Tuesday against Zservers, a Russia-based bulletproof hosting provider. The action targets the company for its role in facilitating ransomware attacks, most notably those conducted by the LockBit ransomware-as-a-service (RaaS) group. Officials detailed that Zservers has long been linked to cybercriminal forums, where it has…

Thai authorities detain four Europeans in ransomware crackdown

In a sweeping international law enforcement operation, Thai authorities arrested four Europeans in Phuket, accusing them of orchestrating ransomware attacks affecting Swiss companies worldwide. The suspects are allegedly tied to the 8Base ransomware-as-a-service (RaaS) gang, which extorted $16 million worth of Bitcoin from over 1,000 individuals. The operation, termed “Phobos Aetor,” reflected a tightly coordinated…

Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom

In episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. All this and more is discussed in the latest edition of the “Smashing…

Ransomware payments dropped 35% in 2024

Ransomware payments saw a dramatic 35% drop last year compared to 2023, even as the overall frequency of ransomware attacks increased, according to a new report released by blockchain analysis firm Chainalysis.  The considerable decline in extortion payments is somewhat surprising, given that other cybersecurity firms have claimed that 2024 saw the most ransomware activity…

Ransomware payments dropped in 2024 as victims refused to pay hackers

Ransomware payments fell by more than one-third in 2024 as an increasing number of victims refused to negotiate with hackers. In a report published Wednesday, crypto forensics firm Chainalysis said that while ransomware gang leak sites posted more victims than in previous years during 2024, fewer victims gave in to the hackers’ demands. Chainalysis reported…

The Transformative Role of AI in Cybersecurity

2025 marks a pivotal moment in the integration of artificial intelligence (AI) and cybersecurity. Rapid advancements in AI are not only redefining industries; they are reshaping the cybersecurity landscape in profound ways. Through this evolution, I have noted three primary […] The post The Transformative Role of AI in Cybersecurity appeared first on TechSpective. The…

House bill aims to better protect financial institutions from ransomware attacks

A bipartisan pair of House lawmakers are seeking to improve private-public coordination for financial institutions amid a surge of ransomware attacks on the sector. The Public and Private Sector Ransomware Response Coordination Act, introduced this week by Reps. Zach Nunn, R-Iowa, and Josh Gottheimer, D-N.J., would direct the Treasury secretary to deliver a report on…

Grohe AG mutmaßlich von Ransomware-Attacke betroffen

Die Ransomware-Bande Ransomhub will 100 Gigabyte Daten von der Grohe AG erbeutet haben. CeltStudio – Shutterstock.com Die Grohe AG zählt zu den bekanntesten deutschen Herstellern von Armaturen und Sanitärprodukten. Die berüchtigte Ransomware-Bande Ransomhub listet das Unternehmen nun als Opfer auf ihrer Darknet-Seite. Die Hacker behaupten, erfolgreich eingedrungen zu sein und 100 Gigabyte Daten erbeutet zu…

Ransomware groups pose as fake tech support over Teams

Researchers at cybersecurity firm Sophos are tracking multiple clusters of hacking activity leveraging Microsoft 365 instances, Microsoft Teams and email bombing tactics to deliver ransomware. In new research released Tuesday, the company said it had identified at least two distinct clusters of hacking activity using the tactics to infect targets between November and December 2024.…

FunkSec: A New Ransomware Group Buoyed by AI

A new ransomware group called FunkSec claimed 85 victims in December but its members appear to be lesser-skilled hackers using generative AI and inflated attack numbers to bolster their capabilities and reputation, according to Check Point researchers. The post FunkSec: A New Ransomware Group Buoyed by AI appeared first on Security Boulevard.

Justice Department unveils charges against alleged LockBit developer

The U.S. Department of Justice revealed charges Friday against Rostislav Panev, a dual Russian and Israeli national, for his alleged role as a developer in the notorious LockBit ransomware group. Panev was arrested in Israel following a U.S. provisional arrest request and is currently awaiting extradition. Authorities allege that Panev has been an instrumental figure…

Study finds ‘significant uptick’ in cybersecurity disclosures to SEC

The introduction of new cybersecurity disclosure rules by the U.S. Securities and Exchange Commission has led to a significant uptick in the number of reported cybersecurity incidents from public companies, according to a leading U.S. law firm that specializes in finance and M&A activity. Analysis by Paul Hastings LLP found that since the disclosure law…

Israeli court to hear U.S. extradition request for alleged LockBit developer

An Israeli Court is set to deliberate a significant extradition case involving Rostislav Panev, an Israeli citizen alleged to be involved with the notorious LockBit ransomware gang. According to Israeli news outlet Ynet, a U.S. extradition request was made public Thursday claiming that between 2019 and 2024, Panev served as a software developer for LockBit.…

Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme

This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack. All this and more is discussed in…

Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware 

MITRE Corporation released findings Wednesday from its latest round of ATT&CK evaluations, assessing the capabilities of enterprise cybersecurity solutions against some of the most prevalent ransomware tactics and North Korean malware. The sixth such evaluation from the nonprofit research organization measured 19 different vendors’ ability to protect enterprise systems by evaluating them against two prominent…

No guarantees of payday for ransomware gang that claims to have hacked children’s hospital

What is the point of INC Ransom’s attack on Alder Hey? They are not likely to be paid, and the attack on a children’s hospital only increases the chances that they will one day find their collars felt by law enforcement. Read more in my article on the Hot for Security blog.

Hacker in Snowflake Extortions May Be a U.S. Soldier

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long:…

Building a Ransomware Response Plan for Your Law Firm

Ransomware is a type of malicious software that encrypts your data, rendering it inaccessible until a ransom is paid. Law firms, with their treasure trove of confidential client information, are especially vulnerable to ransomware attacks. The consequences of an attack can be devastating, from financial losses to reputational damage. Here’s a step-by-step guide on how…

WordPress Appliance - Powered by TurnKey Linux