Latest Ransomware news

FBI disrupts Blackcat ransomware operation, creates decryption tool

The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys.
- Lawrence Abrams
- December 19, 2023
- 09:16 AM
- 0
Vans and North Face owner VF Corp hit by ransomware attack

American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions.
- Bill Toulas
- December 18, 2023
- 01:56 PM
- 0
FBI: Play ransomware breached 300 victims, including critical orgs

The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities.
- Sergiu Gatlan
- December 18, 2023
- 11:24 AM
- 0
The Week in Ransomware - December 15th 2023 - Ransomware Drama

The big news over the past two weeks is the continued drama plaguing BlackCat/ALPHV after their infrastructure suddenly stopped working for almost five days. Multiple sources told BleepingComputer that this outage was related to a law enforcement operation, but BlackCat claims the outages were caused by a hardware/hosting issue.
- Lawrence Abrams
- December 15, 2023
- 04:18 PM
- 0
Ransomware gang behind threats to Fred Hutch cancer patients

The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center (Fred Hutch) that resulted in patients receiving personalized extortion threats.
- Bill Toulas
- December 15, 2023
- 11:50 AM
- 0
French police arrests Russian suspect linked to Hive ransomware

French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments.
- Sergiu Gatlan
- December 13, 2023
- 03:25 PM
- 0
LockBit ransomware now poaching BlackCat, NoEscape affiliates

The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams.
- Lawrence Abrams
- December 13, 2023
- 01:22 PM
- 0
Cold storage giant Americold discloses data breach after April malware attack

Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware.
- Sergiu Gatlan
- December 11, 2023
- 12:50 PM
- 0
Toyota warns customers of data breach exposing personal, financial info

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack.
- Bill Toulas
- December 11, 2023
- 10:32 AM
- 1
Norton Healthcare discloses data breach after May ransomware attack

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents.
- Sergiu Gatlan
- December 08, 2023
- 06:28 PM
- 0
ALPHV ransomware site outage rumored to be caused by law enforcement

A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours.
- Lawrence Abrams
- December 08, 2023
- 01:30 PM
- 0
Navy contractor Austal USA confirms cyberattack after data leak

Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) confirmed that it suffered a cyberattack and is currently investigating the impact of the incident.
- Bill Toulas
- December 06, 2023
- 12:16 PM
- 0
HTC Global Services confirms cyberattack after data leaked online

IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data.
- Lawrence Abrams
- December 05, 2023
- 06:54 PM
- 0
Tipalti investigates claims of data stolen in ransomware attack

Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network and stole 256 GB of data, including data for Roblox and Twitch.
- Lawrence Abrams
- December 04, 2023
- 02:22 PM
- 0
Linux version of Qilin ransomware focuses on VMware ESXi

A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date.
- Lawrence Abrams
- December 03, 2023
- 04:07 PM
- 0
The Week in Ransomware - December 1st 2023 - Police hits affiliates

An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries.
- Lawrence Abrams
- December 01, 2023
- 05:11 PM
- 1
Cactus ransomware exploiting Qlik Sense flaws to breach networks

Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.
- Bill Toulas
- November 30, 2023
- 12:46 PM
- 0
Black Basta ransomware made over $100 million from extortion

Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic.
- Sergiu Gatlan
- November 29, 2023
- 01:19 PM
- 0
Qilin ransomware claims attack on automotive giant Yanfeng

The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers.
- Bill Toulas
- November 28, 2023
- 02:39 PM
- 0
Police dismantle ransomware group behind attacks in 71 countries

In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries.
- Sergiu Gatlan
- November 28, 2023
- 04:04 AM
- 1