Articles tagged "Ransomware"

Found 292 articles

In a major operation, law enforcement agencies from Senegal, Ghana, Benin, and Cameroon have arrested 574 individuals linked to cybercrime activities, specifically business email compromise (BEC) and ransomware schemes. The crackdown resulted in the seizure of approximately $3 million in assets. These coordinated efforts aimed to dismantle various cyber-fraud networks that have been preying on individuals and organizations across Africa. The significance of this operation extends beyond the immediate arrests; it underscores the growing threat posed by organized cybercriminals in the region and the need for ongoing vigilance and cooperation among nations to combat such crimes. The impact of these cybercrimes can be devastating, affecting businesses and consumers alike, leading to financial losses and a breach of trust in digital communications.

Read Original
Actively Exploited

The University of Phoenix has reported a data breach affecting approximately 3.5 million individuals, linked to a broader hacking campaign targeting Oracle's E-Business Suite software. This breach is attributed to the Cl0p ransomware group, known for exploiting vulnerabilities in various systems. The compromised data includes personal information, which raises significant concerns about identity theft and privacy violations for those affected. As educational institutions increasingly rely on digital platforms, this incident serves as a stark reminder of the vulnerabilities within such systems and the potential risks to sensitive information. Institutions and users alike need to remain vigilant and enhance their security measures to protect against similar attacks in the future.

Read Original

The Clop ransomware group has successfully breached the University of Phoenix's network, compromising the personal data of approximately 3.5 million individuals, including students, staff, and suppliers. The attack occurred in August, and the stolen data could potentially include sensitive information, which raises concerns about identity theft and privacy violations. This incident emphasizes the growing threat of ransomware attacks on educational institutions, highlighting the need for improved cybersecurity measures. Affected individuals should be vigilant for signs of identity theft and consider monitoring their personal information more closely. The university has not yet detailed specific steps being taken to mitigate this breach or protect affected individuals.

Read Original

In a significant crackdown on cybercrime across Africa, law enforcement agencies from 19 countries arrested 574 individuals and seized around $3 million. This operation, called Operation Sentinel, ran for a month from October 27 to November 27 and focused on major cyber threats including business email compromise, digital extortion, and ransomware. Ghana was notably involved in the operation, with over 100 digital devices confiscated in connection with various cyber-fraud cases. This coordinated effort demonstrates a strong commitment to combating the rise of cybercrime in the region, which poses increasing risks to both individuals and businesses. The collective actions taken during this initiative aim to disrupt criminal networks that exploit technology for fraudulent activities.

Read Original
Actively Exploited

The latest Malware Newsletter from Security Affairs covers significant topics in the malware scene, including a focus on pro-Russian cyber attacks. One notable incident involves the deployment of a malware called Phantom Stealer through ISO-mounted executables, which could pose risks to users who interact with these files. Additionally, researchers have identified a method used by hackers to infect around 50,000 Firefox users by embedding malware in a PNG icon. These incidents highlight ongoing threats to cybersecurity, particularly from hacktivist groups and ransomware, emphasizing the need for users and organizations to remain vigilant against emerging tactics and techniques used by cybercriminals.

Read Original

The U.S. government has taken action against the E-Note cryptocurrency exchange, seizing its servers and domains. This exchange is accused of being a hub for laundering over $70 million in ransomware payments, which has raised concerns about its role in facilitating cybercrime. The operation highlights the ongoing struggle against the financial infrastructure that supports ransomware attacks, making it harder for criminals to profit from their activities. Law enforcement agencies continue to target such platforms to disrupt the flow of illegal funds. This move could deter other exchanges from becoming involved in similar activities, potentially impacting the broader landscape of cryptocurrency transactions.

Read Original

A data breach at the Richmond Behavioral Health Authority (RBHA) in Virginia has compromised the personal information of approximately 113,000 individuals. Attackers gained access to sensitive data, including names, Social Security numbers, and financial and health information. In addition to stealing this information, the hackers deployed ransomware on the organization’s systems, which can further complicate recovery efforts and put more data at risk. This incident raises significant concerns about the security of mental health records and the potential for identity theft among those affected. As the healthcare sector increasingly relies on digital systems, breaches like this one highlight the urgent need for stronger cybersecurity measures to protect sensitive patient data.

Read Original
Actively Exploited

A ransomware group has taken advantage of a serious vulnerability in React2Shell, identified as CVE-2025-55182, to infiltrate corporate networks. Once they gain access, they deploy their file-encrypting malware in under a minute, making the attack extremely swift and damaging. This incident highlights the urgency for organizations to address this vulnerability, as it poses a significant risk to corporate data security. Companies using systems that incorporate React2Shell need to remain vigilant and take immediate action to protect their networks from potential exploitation. The rapid nature of these attacks underlines the necessity for robust security measures and timely updates.

Read Original

Askul, a major Japanese e-commerce and logistics company, has reported a significant data breach following a ransomware attack by a group called RansomHouse. This incident has compromised over 700,000 records, raising concerns about the security of sensitive information related to both businesses and consumers who rely on Askul for office supplies and logistics services. The attack underscores the ongoing risks faced by companies in the e-commerce sector, particularly as cybercriminals increasingly target organizations with ransomware. As a result, affected individuals and businesses may be at risk of identity theft and other cyber threats. Companies should take this incident as a wake-up call to bolster their cybersecurity measures and ensure they have effective data protection strategies in place.

Read Original

Ransomware groups are increasingly targeting hypervisors, which are the underlying technology that allows multiple virtual machines to run on a single physical server. This approach enables attackers to encrypt multiple virtual machines simultaneously with a single breach, significantly increasing the impact of their attacks. Researchers at Huntress have found that these attackers exploit gaps in visibility and security at the hypervisor layer. Organizations need to take proactive steps to secure their virtualization infrastructure against these threats. This includes implementing stricter access controls, regular monitoring, and keeping systems updated to defend against potential ransomware attacks that can disrupt operations and lead to data loss.

Read Original
Actively Exploited

Askul, a company specializing in e-commerce and logistics, suffered a significant data breach when the RansomHouse ransomware group targeted it in October. Around 700,000 records were compromised during this attack, raising concerns about the exposure of sensitive customer and business information. The incident highlights the ongoing risks faced by online retailers and logistics providers in today's digital landscape. Organizations like Askul must bolster their cybersecurity measures to protect against such threats and safeguard customer trust. The breach serves as a reminder for all businesses to remain vigilant and proactive in their security practices.

Read Original

Askul Corporation, a major Japanese e-commerce company, reported a ransomware attack by the hacker group RansomHouse, resulting in the theft of approximately 740,000 customer records. The breach, which occurred in October, raises significant concerns about the security of customer data and the potential for identity theft or fraud. Askul has not disclosed the specific types of information taken, but the volume of records suggests that sensitive personal information may be involved. This incident highlights the ongoing challenges faced by companies in protecting consumer data against increasingly sophisticated cyber threats. Customers of Askul should remain vigilant and monitor their accounts for any suspicious activity.

Read Original

A new version of the VolkLocker ransomware, operated by the pro-Russia group CyberVolk, has emerged with notable enhancements but also a significant vulnerability. Researchers discovered that the latest iteration allows victims to decrypt their own files without having to pay a ransom. This flaw undermines the effectiveness of the ransomware, potentially reducing the financial incentive for the attackers. Organizations targeted by this ransomware may find some relief, as they can regain access to their files independently. However, the situation remains concerning as the group continues to evolve its tactics. The presence of such vulnerabilities raises questions about the security measures businesses have in place against ransomware attacks.

Read Original
Actively Exploited

Asahi Group, a major beverage and food company, is facing significant challenges after a ransomware attack that severely disrupted its operations. The company's CEO has announced plans to potentially establish a dedicated cybersecurity unit in response to this incident. This move comes as organizations worldwide increasingly recognize the need for stronger defenses against cyber threats, especially after high-profile attacks like this one. The attack not only affected Asahi's internal systems but also raises concerns about the security of sensitive customer and company data. Strengthening cybersecurity measures is crucial for Asahi to protect its assets and regain consumer trust moving forward.

Read Original

CyberVolk, a pro-Russian hacktivist group, has launched a new ransomware-as-a-service (RaaS) called VolkLocker, which has a significant flaw. Researchers from SentinelOne discovered that VolkLocker contains a hard-coded master key, allowing victims to decrypt their files without paying the ransom. This ransomware, which surfaced in August 2025, targets Windows systems and is part of an ongoing trend of ransomware attacks that can disrupt businesses and individuals alike. The presence of this flaw means that while the ransomware may still be a concern, victims have a potential way to recover their data without succumbing to the attackers' demands. This incident underscores the ongoing battle between cybercriminals and security researchers, as vulnerabilities in ransomware can lead to unexpected outcomes for victims.

Read Original
PreviousPage 17 of 20Next