FinCEN Issues Financial Trend Analysis on Ransomware
On December 4, the U.S. Department of the Treasury Financial Crimes Enforcement Network (FinCEN) issued a Financial Trend Analysis of ransomware incidents since January 2022: FinCEN
LockBit 5.0 Infrastructure Exposed in New Server, IP, and Domain Leak
Cyber Security News reports that LockBit 5.0’s infrastructure was leaked on X.com on December 5 by Rakesh Krishnan: LockBit 5.0 key infrastructure exposed, revealing the IP address 205.185.116.233, and the domain karma0.xyz is hosting the ransomware group’s latest leak site. According to researcher Rakesh Krishnan, hosted under AS53667 (PONYNET, operated by FranTech Solutions), a network frequently […]
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued another warning last week:
CodeRED Emergency Alerts Disrupted Across US After Ransomware Breach
Bitdefender reports: A ransomware attack on Crisis24, the vendor behind the CodeRED emergency alert system, has left towns and cities across the United States without a core public-warning tool. CodeRED is widely used to push urgent notifications for severe weather, public safety incidents, missing persons and other critical situations. In the aftermath of the intrusion, […]
Cyber insurers paid out over twice as much for UK ransomware attacks last year
The Register reports: The number of successful cyber insurance claims made by UK organizations shot up last year, according to the latest figures from the industry’s trade association. The Association of British Insurers (ABI) said £197 million ($259 million) in cyber insurance payouts were made to victimized organizations in 2024, up from £59 million ($77 […]
Nearly half of retail ransomware attacks stem from unknown security gaps: Report
The Economic Times reports: Cybersecurity firm Sophos has released its fifth annual State of Ransomware in Retail report, highlighting how visibility gaps across retail networks continue to leave businesses vulnerable. The survey of 361 IT and security leaders across 16 countries found that 46% of ransomware attacks in the sector originated from previously unknown security […]
Chicago firm that offers ransomware incident response had rogue workers carrying out their own hacks, FBI says
Chicago Sun-Times reports: Rogue employees of a Chicago company that specializes in negotiating ransoms to mitigate cyber attacks were carrying out their own piracy in a plot to extort millions of dollars from a series of companies, prosecutors say. Kevin Tyler Martin, a ransomware threat negotiator for River North-based DigitalMint at the time of the […]
Russia finally bites the cybercrooks it raised, arresting suspected Meduza infostealer devs
The Register reports: Russia’s Interior Ministry says police have arrested three suspects it believes helped build and spread the Meduza infostealer. A statement issued by spokesperson Irina Volk via the Ministry’s Telegram channel on Thursday included video footage of all three arrests of men described as “young IT specialists” who are alleged to have helped […]
Hackers Target Swedish Power Grid Operator
Security Week reports: Swedish state-owned power grid operator Svenska kraftnät on Monday confirmed that it fell victim to a cyberattack that resulted in a data breach. The incident, the company said, was discovered on Saturday and affected an isolated, external file transfer solution, but not the power grid. The country’s electricity supply has not been affected […]
Capita given record £14 million fine over ransomware attack security failings
The Record reports: Capita, the United Kingdom’s largest outsourcing company, was on Wednesday fined £14 million ($18.7 million) over security failings that saw attackers compromise the personal information of 6.6 million people in a ransomware attack in 2023. The voluntary settlement is for less than a third of the £45 million ($60 million) Britain’s data […]