Articles tagged "Ransomware"

Found 290 articles

A recent report from cybersecurity firm ESET reveals that around 80% of UK manufacturers experienced a cyber incident over the past year, with many suffering financial losses as a result. This alarming statistic underscores the vulnerability of the manufacturing sector to cyber threats, which can range from ransomware attacks to data breaches. The financial impact of these incidents can be significant, affecting not just the companies involved but also their customers and supply chains. As manufacturers increasingly rely on digital technologies, the need for robust cybersecurity measures becomes even more pressing. Companies must prioritize their defenses to protect against these growing risks, as the consequences of inaction can be severe.

Read Original

A recent report reveals that credential theft is a significant factor driving various cyberattacks, including ransomware incidents and breaches of Software-as-a-Service (SaaS) platforms. This trend indicates a shift in focus for cybersecurity efforts, moving from merely preventing breaches to actively detecting and responding to the misuse of legitimate access credentials. The report emphasizes that attackers are increasingly using stolen logins to carry out sophisticated attacks, which complicates the security landscape for many organizations. As a result, businesses must enhance their monitoring capabilities to identify unauthorized use of accounts and protect sensitive information. This shift is particularly crucial as nation-state actors also exploit these vulnerabilities for geopolitical purposes, further elevating the stakes in cybersecurity.

Read Original

TeamPCP, a group linked to the notorious Lapsus$ and Vect ransomware gangs, is reportedly investigating ways to profit from confidential information obtained through supply chain attacks. These attacks involve breaching a company's supply chain to steal sensitive data, which can then be sold or used for further cybercrimes. This shift towards monetizing stolen supply chain secrets raises serious concerns for organizations that rely on third-party vendors, as it exposes them to increased risks of data breaches and financial losses. The implications of such activities could be far-reaching, potentially impacting various industries that depend on secure supply chains. Companies should be vigilant about their supply chain security and consider enhancing their defenses against such exploitation.

Read Original

At the BSides SF 2026 hacker conference, a researcher warned that Software as a Service (SaaS) and cloud assets are increasingly vulnerable to identity-based ransomware attacks. This type of attack exploits weaknesses in identity management systems, allowing attackers to gain unauthorized access and encrypt critical data. Organizations that rely on cloud services for their operations, especially those with inadequate security measures in place, are at significant risk. The researcher emphasized that as more businesses transition to these platforms, the need for robust identity protection becomes essential. Companies should prioritize enhancing their identity security protocols to mitigate these risks and protect sensitive customer information.

Read Original

Recent reports indicate a significant decline in infrastructure attacks that could lead to physical consequences, specifically a 25% drop in incidents targeting operational technology (OT) at industrial and critical infrastructure sites. This decrease appears to be linked to a temporary lull in ransomware attacks and hackers' limited understanding of OT systems. While this might seem like positive news, the underlying issue remains that many attackers still lack expertise in these environments, which could change. This situation raises concerns about the long-term security posture of critical infrastructure, as attackers could eventually adapt and exploit these vulnerabilities. Companies operating in these sectors should remain vigilant and enhance their security measures to protect against potential threats in the future.

Read Original

A pro-Ukrainian hacking group known as Bearlyfy has carried out over 70 cyber attacks against Russian companies since January 2025. Their recent campaigns have utilized a custom ransomware known as GenieLocker, which targets Windows systems. This group aims to disrupt operations in Russian businesses, indicating a strategic move in the ongoing conflict between Ukraine and Russia. The use of ransomware adds a financial pressure point, potentially crippling affected organizations. As these attacks continue, it raises concerns about the security of critical infrastructure and business operations in the region.

Read Original
Actively Exploited

The Iranian ransomware group Pay2Key has resurfaced, according to research from Halcyon and Beazley Security. This group is known for targeting various organizations and has been linked to significant ransomware attacks in the past. Their re-emergence poses a renewed risk to businesses, particularly those that may not have updated their security measures since the group's last activity. Companies should be vigilant and review their cybersecurity protocols to defend against potential attacks. The return of Pay2Key highlights the ongoing threat posed by state-sponsored groups in the cybercrime space.

Read Original

Fortinet's FortiGuard Labs has released its 2026 Global Threat Landscape Report, revealing significant trends in cybersecurity threats. The report indicates a rise in sophisticated attacks targeting both enterprise and personal systems, particularly through ransomware and phishing schemes. These attacks are increasingly leveraging artificial intelligence to bypass traditional security measures. Companies across various sectors, including finance and healthcare, are particularly vulnerable, as attackers exploit their reliance on digital infrastructure. The findings stress the urgent need for organizations to enhance their security protocols and invest in advanced threat detection technologies to protect sensitive data and maintain operational integrity.

Read Original

Ilya Angelov, a 40-year-old Russian man, has been sentenced to two years in prison for his role in managing a botnet that facilitated ransomware attacks targeting U.S. companies. The botnet, associated with a cybercriminal group known as TA551, was used to deploy malicious software that locked users out of their systems until a ransom was paid. In addition to his prison sentence, Angelov was fined $100,000. This case underscores the ongoing challenges posed by international cybercrime, particularly how individuals can exploit technology to harm businesses and individuals across borders. The sentencing aims to deter similar cybercriminal activities and demonstrates law enforcement's commitment to addressing ransomware threats.

Read Original
Actively Exploited

Aleksei Volkov, a Russian cybercriminal, has been sentenced to 81 months in prison for his involvement with the Yanluowang ransomware. This ransomware has been linked to various attacks on organizations, encrypting files and demanding ransom payments for decryption. Volkov's arrest and sentencing mark a significant step in the ongoing efforts to combat ransomware and cybercrime. His actions not only impacted individual victims but also contributed to the broader threat posed by ransomware groups, which continue to target businesses and institutions worldwide. The case serves as a reminder of the legal consequences that cybercriminals face, hopefully deterring future attacks.

Read Original
Actively Exploited

Recent developments in ransomware attacks have seen threat actors using artificial intelligence to conduct faster and more sophisticated assaults. These attackers are bypassing traditional security measures by exploiting valid credentials, making it easier for them to infiltrate systems and access sensitive data. This new approach can lead to significant data breaches and financial losses for companies, as the speed and efficiency of these attacks increase. Organizations need to bolster their cybersecurity defenses and educate employees on credential management to mitigate these risks. The rise of AI in cybercrime highlights the urgent need for updated security strategies to keep pace with evolving threats.

Read Original

Trio-Tech, a semiconductor services company, has reported that one of its subsidiaries in Singapore fell victim to a ransomware attack. Hackers deployed file-encrypting ransomware, compromising the subsidiary's network and potentially affecting its operations. While specific details about the extent of the damage or the data involved have not been disclosed, such incidents can severely disrupt business processes and lead to significant financial losses. This attack emphasizes the ongoing risks that companies in the tech sector face from cybercriminals, highlighting the need for robust cybersecurity measures and incident response plans. Companies must remain vigilant and prepared to safeguard against similar threats in the future.

Read Original
Actively Exploited

The WorldLeaks ransomware group has launched attacks against the City of Los Angeles, specifically targeting its Metro system, which resulted in a significant system shutdown. This breach forced the Metro to halt operations temporarily, disrupting public transit services. In addition to Los Angeles, two cities in the Bay Area have declared emergencies due to similar ransomware incidents. These attacks are part of a growing trend in which local governments and essential services are increasingly becoming targets for cybercriminals, raising concerns about the security of public infrastructure and the potential for widespread disruption. The implications of such breaches are serious, as they can hinder public safety and essential services.

Read Original
Actively Exploited

The ransomware group known as Beast Gang has accidentally exposed files from their central cloud server, revealing their aggressive tactics for attacking network backups. These files show a clear strategy focused on targeting backup systems, which is a common method used by ransomware groups to ensure victims are more likely to pay the ransom. This incident raises serious concerns for organizations that rely on cloud services for data storage and highlights the importance of securing backup systems against potential ransomware attacks. As these tactics become more public, companies may need to reassess their cybersecurity measures to protect against such vulnerabilities. The exposure of these files could also lead to further attacks as other cybercriminals may adopt similar strategies.

Read Original

Cameron Nicholas Curry, a tech worker from North Carolina, was found guilty of conducting an insider attack that resulted in the theft of sensitive corporate data from a Washington D.C.-based technology company. As his six-month contract was ending, Curry reportedly stole data and demanded a ransom of $2.5 million. This incident raises significant concerns about insider threats, where employees exploit their access to company information for personal gain. Companies need to be vigilant about monitoring employee activities, especially as contracts come to a close, to prevent similar attacks in the future. The case serves as a reminder of the potential risks posed by trusted employees and the importance of cybersecurity measures in protecting sensitive information.

Read Original
PreviousPage 10 of 20Next