Latest Ransomware news

Meet Brain Cipher — The new ransomware behind Indonesia's data center attack

The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center.
- Lawrence Abrams
- June 29, 2024
- 10:14 AM
- 1
Infosys McCamish says LockBit stole data of 6 million people

Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals.
- Bill Toulas
- June 28, 2024
- 02:08 PM
- 2
BlackSuit ransomware gang claims attack on KADOKAWA corporation

The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid.
- Lawrence Abrams
- June 27, 2024
- 06:57 PM
- 0
Chinese Cyberspies Employ Ransomware in Attacks for Diversion

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft.
- Bill Toulas
- June 27, 2024
- 12:20 AM
- 1
P2PInfect botnet targets REdis servers with new ransomware module

P2PInfect, originally a dormant peer-to-peer malware botnet with unclear motives, has finally come alive to deploy a ransomware module and a cryptominer in attacks on Redis servers.
- Bill Toulas
- June 25, 2024
- 06:00 AM
- 0
CDK Global outage caused by BlackSuit ransomware attack

The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter.
- Lawrence Abrams
- June 22, 2024
- 03:08 PM
- 7
Rafel RAT targets outdated Android phones in ransomware attacks

An open-source Android malware named 'Rafel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram.
- Bill Toulas
- June 22, 2024
- 10:19 AM
- 1
Change Healthcare lists the medical data stolen in ransomware attack

UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July.
- Lawrence Abrams
- June 21, 2024
- 12:10 PM
- 0
Linux version of RansomHub ransomware targets VMware ESXi VMs

The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks.
- Bill Toulas
- June 20, 2024
- 03:00 PM
- 0
Panera Bread likely paid a ransom in March ransomware attack

Panera Bread, an American chain of fast food restaurants, most likely paid a ransom after being hit by a ransomware attack, suggests language used an internal email sent to employees.
- Lawrence Abrams
- June 17, 2024
- 03:55 PM
- 3
Keytronic confirms data breach after ransomware gang leaks stolen files

PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago.
- Lawrence Abrams
- June 14, 2024
- 05:20 PM
- 0
London hospitals cancel over 800 operations after ransomware attack

NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments.
- Sergiu Gatlan
- June 14, 2024
- 02:05 PM
- 1
CISA warns of Windows bug exploited in ransomware attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs.
- Sergiu Gatlan
- June 14, 2024
- 12:39 PM
- 0
Ascension hacked after employee downloaded malicious file

Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device.
- Sergiu Gatlan
- June 13, 2024
- 05:52 PM
- 0
Toronto District School Board hit by a ransomware attack

The Toronto District School Board (TDSB) is warning that it suffered a ransomware attack on its software testing environment and is now investigating whether any personal information was exposed.
- Bill Toulas
- June 13, 2024
- 02:43 PM
- 0
Panera warns of employee data breach after March ransomware attack

U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack.
- Sergiu Gatlan
- June 13, 2024
- 02:32 PM
- 0
Police arrest Conti and LockBit ransomware crypter specialist

The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.
- Bill Toulas
- June 12, 2024
- 09:42 AM
- 2
Black Basta ransomware gang linked to Windows zero-day attacks

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.
- Bill Toulas
- June 12, 2024
- 06:00 AM
- 0
TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems.
- Bill Toulas
- June 11, 2024
- 10:25 AM
- 0
London hospitals face blood shortage after Synnovis ransomware attack

England's NHS Blood and Transplant (NHSBT) has issued an urgent call to O Positive and O Negative blood donors to book appointments and donate after last week's cyberattack on pathology provider Synnovis impacted multiple hospitals in London.
- Bill Toulas
- June 10, 2024
- 11:43 AM
- 0