The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they're shutting down the operation and plan to switch to cryptojacking.
PCrisk found a new Sojusz ransomware variant that appends the .ner extension and drops a ransom note named !!!HOW_TO_DECRYPT!!!.txt.
PCrisk found a new STOP ransomware variant that appends the .ghsd extension.
A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks.
PCrisk found a new Xorist ransomware variant that appends the .LoMiAt extension and drops a ransom note named HOW TO DECRYPT FILES.txt.
The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations.
Hotel giant Marriott International confirmed it was hit by another data breach after an unknown threat actor breached one of its properties and stole 20GB of files.
Hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions.
SHI International, a New Jersey-based provider of Information Technology (IT) products and services, has confirmed that a malware attack hit its network over the weekend.
Network-attached storage (NAS) vendor QNAP warned customers to secure their devices against attacks using Checkmate ransomware to encrypt data.
Professional Finance Company Inc. (PFC), a full-service accounts receivables management company, says that a ransomware attack in late February led to a data breach affecting over 600 healthcare organizations.
The BlackCat ransomware group is making quite a name for itself. In a FLASH alert published in April 2022, the FBI revealed that the operation had infected more than 60 victims since first surfacing in mid-November 2021.
Examination of the first available samples of version 3.0 of the LockBit ransomware reveals surprising ties to BlackMatter and its predecessor, Darkside. But the union might not really be consented.
PCrisk found new STOP ransomware variants that append the .jjww and .jjyy extensions.
PCrisk found new Babuk ransomware variants that append the .again or .FIXED extensions and drop a ransom note named How To Restore Your Files.txt.
New Zealand-based cybersecurity firm Emsisoft has released a free decryption tool to help AstraLocker and Yashma ransomware victims recover their files without paying a ransom.
A new ransomware operation named ‘0mega’ targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms.