Synlab Italia suspends operations following ransomware attack
    April 22, 2024   11:27 AM   0 Synlab Italia has suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline. Part of the Synlab group that is present in 30 countries worldwide, the Synlab Italia network operates 380 labs and medical centers across Italy. It has an annual turnover of $426 million and carries out 35 million analyses every year. Late last week, the company announced that...
    By AFFA 2024-04-22 15:45:50 0 30
    Ransomware payments drop to record low of 28% in Q1 2024
    April 21, 2024   10:21 AM   0 Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show companies are increasingly refusing to pay extortion demands, leading to a record low of 28% of companies paying ransom in the first quarter of 2024. This figure was 29% in Q4 2023, and Coveware's stats show that diminishing payments have remained steady since early 2019. This decrease is due to organizations implementing more...
    By AFFA 2024-04-21 19:36:53 0 19
    The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
    April 19, 2024   07:36 PM   0 While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void. A relatively new operation called RansomHub gained media attention this week after a BlackCat affiliate used the newer operation's data leak site to extort Change HealthCare once again. Change HealthCare allegedly already paid a ransom, which was stolen from an...
    By AFFA 2024-04-20 01:32:19 0 17
    The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
    April 5, 2024   05:59 PM   0 Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. Panera's massive IT outage last month that took down internal systems, the website, mobile apps, and phones was caused by a ransomware attack encrypting the company's virtual machines. While the company has been able to restore servers from...
    By AFFA 2024-04-06 19:15:18 0 20
    Hosting firm's VMware ESXi servers hit by new SEXi ransomware
    April 3, 2024   05:58 PM   2 Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. PowerHost is a data center, hosting, and interconnectivity company with locations in the USA, South America, and Europe. On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early...
    By AFFA 2024-04-04 16:15:41 0 35
    INC Ransom threatens to leak 3TB of NHS Scotland stolen data
    March 27, 2024   01:59 PM   0 The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland. In a post yesterday, the cybercriminals shared multiple images containing medical details and said that they would leak data "soon," unless the NHS pays a ransom. Scotland's NHS is the country’s public health system, providing services ranging from primary care,...
    By AFFA 2024-03-28 15:40:42 0 23
    Ransomware as a Service and the Strange Economics of the Dark Web
    March 27, 2024   10:02 AM   0 Ransomware is changing, fast. The past three months have seen dramatic developments among the ransomware ecosystem to include the takedown of LockBit’s ransomware blog, BlackCat exiting the ecosystem, and the emergence of several smaller ransomware groups. This article aims to provide context for recent news. First we will cover how ransomware groups and affiliates work together. Then we’ll dive into affiliate...
    By AFFA 2024-03-27 14:50:22 0 21
    LockBit ransomware affiliate gets four years in jail, to pay $860k
    March 13, 2024   07:42 AM   0 Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to four years in prison by an Ontario court for his involvement in the LockBit ransomware operation. Vasiliev was arrested in November 2022 and pleaded guilty to eight charges in February 2024, including cyber extortion, mischief, and weapons offenses. The man was a key member of the notorious LockBit ransomware gang, involved in many of the operation's...
    By AFFA 2024-03-13 15:50:55 0 83
    The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand
    March 8, 2024   05:25 PM   1 We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. What makes this strange is that this seems to be a common routine for the DarkSide, I mean BlackCat/ALPHV, ransomware operation which tends to hit critical infrastructure, and then realize it was a big mistake. As it was, they...
    By AFFA 2024-03-09 21:23:10 0 79
    Switzerland: Play ransomware leaked 65,000 government documents
    March 7, 2024   03:27 PM   1 The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files. Xplain is a Swiss technology and software solutions provider for various government departments, administrative units, and even the country's military force. The Play ransomware gang breached...
    By AFFA 2024-03-08 16:05:17 0 65
    BlackCat ransomware shuts down in exit scam, blames the "feds"
    March 5, 2024   10:49 AM   1 The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their site and infrastructure. The gang announced they are now selling the source code for the malware for the hefty price of $5 million. On a hacker forum, ALPHV said that they decided "to close the project" because of "the feds," without providing additional details or a clarification....
    By AFFA 2024-03-05 17:10:33 0 85
    BlackCat ransomware turns off servers amid claim they stole $22 million ransom
    March 4, 2024   12:44 PM   0 The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million. While BlackCat's data leak blog has been down since Friday, BleepingComputer had confirmed that negotiation sites were still active over the weekend. Today, BleepingComputer confirmed the ransomware operations negotiation...
    By AFFA 2024-03-04 18:39:04 0 84
    LockBit ransomware returns to attacks with new encryptors, servers
    February 28, 2024   01:31 PM   0 The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption. Last week, the NCA, FBI, and Europol conducted a coordinated disruption called 'Operation Cronos' against the LockBit ransomware operation. As part of this operation, law enforcement seized infrastructure, retrieved decryptors, and, in an embarrassing...
    By AFFA 2024-02-29 18:56:09 0 87
    Ransomware gang claims they stole 6TB of Change Healthcare data
    February 28, 2024   02:33 PM   0 Image: Midjourney The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform. Change Healthcare is the largest payment exchange platform used by more than 70,000 pharmacies across the United States. UHG is the world's largest healthcare company by revenue, employing...
    By AFFA 2024-02-29 18:52:01 0 83
    New ScreenConnect RCE flaw exploited in ransomware attacks
    February 22, 2024   01:34 PM   0 Update February 23, 07:02 EST: Sophos published a report today saying that the ransomware payloads they spotted were built using the LockBit ransomware builder leaked online by a disgruntled malware developer in late September 2022. The samples seen by Sophos in this week's attacks were a buhtiRansom LockBit variant dropped on 30 different customer networks and a second payload created...
    By AFFA 2024-02-23 19:08:25 0 85
More Articles
Read More
Android XLoader malware can now auto-execute after installation
February 8, 2024   01:34 PM   0 A new version of the XLoader...
By AFFA 2024-02-08 22:51:03 0 143
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
November 19, 2023   11:14 AM   0 After Sandworm and APT28 (known...
By AFFA 2023-11-19 23:12:47 0 533
Microsoft releases Exchange hotfixes for security update issues
April 23, 2024   03:50 PM   0 ​Microsoft has released hotfix...
By AFFA 2024-04-24 17:48:03 0 2
Microsoft to shut down 50 cloud services for Russian businesses
March 23, 2024   10:14 AM   0 Microsoft plans to limit access to...
By AFFA 2024-03-23 16:46:43 0 40
US fines man $9.9 million for thousands of disturbing robocalls
March 25, 2024   07:28 PM   0 A U.S. federal court has issued a...
By AFFA 2024-03-26 14:49:51 0 60