ransomware

Subscribe to ransomware

Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes.

This week, Bluefield University communicated with its students to be careful of texts sent through the University’s communication system after a ransomware group used the communication system to message the campus about

Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing data from those organizations. The vulnerability is CVE-2023-0669, which allows attackers to execute remote code execution.

The manufacturer of GoAnywhere MFT notified

The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and procedures that have been associated with LockBit 3.0 ransomware.

The Advisory, #StopRansomware: LockBit 3.0, states that LockBit 3.0 is an affiliate-based ransomware variant that functions as

The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information on a new variant of ransomware called Venus (also known as GOODGAME).

According to IC3, the threat actors “are known to target publicly exposed Remote Desktop Services to encrypt Windows devices.” The ransomware then “will attempt

Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new, unique phishing scam that has been successful. The scam is believed to have been carried out by the Luna Moth/Silent Ransom Group and is targeting businesses in the legal and retail sectors. Unit 42 predicts that the scam is “expanding in scope.”

The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health (HPH) sectors, of the ransomware and data extortion operations by the Daixin Team.

The Advisory is designed to provide information to

In its Mid-Year Cyberthreat Report published on August 24, 2022, cybersecurity firm Acronis reports that ransomware continues to plague businesses and governmental agencies, primarily through phishing campaigns.

According to the report over 600 malicious email campaigns were launched in the first half of 2022, with the goal of stealing credentials to launch ransomware attacks. Other

The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the indicators of compromise and techniques to combat them.

According to the Advisory, “From 2019 through at least June 2022, actors have used this malware to target

A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the Treasury Department warns that MedusaLocker ransomware “targets vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks.” The alert encourages “network defenders to examine their current cybersecurity posture and apply the recommended mitigations,…including:

  • Prioritize remediating

The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology vendor, Battelle for Kids.

According to the notification letter, parents of students who attended a Chicago public school between