Incidents involving malware or ransomware. In some cases, incidents called “ransomware” do not involve any locking but merely hack, exfiltrate, and attempt to extort.
From a joint advisory by CISA and the FBI: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early […]
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
Bleeping Computer reports: A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of four suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. The arrested individuals, two men and two women, are Europeans […]
NDM News Network reports that Tata Technologies, a subsidiary of Tata Motors, is responding to a ransomware attack that resulted in the temporary suspension of some services: Tata Technologies is currently working to investigate the situation and reinforce its cybersecurity measures to prevent future disruptions and ensure the protection of its digital infrastructure. The company […]
The Minnesota Star Tribune reports: UnitedHealth Group says the impact from the cyberattack last year at its Change Healthcare subsidiary is much wider than previously understood, affecting roughly 190 million patients — up from previous estimates of about 100 million people. The updated tally extends the scope beyond what was previously described by company Chief Executive Andrew […]
That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems Seen on The Register: Two ransomware campaigns are abusing Microsoft Teams to infect organizations and steal data, and the crooks may have ties to Black Basta and FIN7, according to Sophos. The antivirus maker’s […]
Two Russians are on trial in Brussels for infecting tens of thousands of computers with ransomware and raking in more than 3 million euros. Belga News Agency reports: The couple allegedly used the highly malicious Crylock ransomware to remotely lock computer files and hold some 400,000 victims for ransom. Crylock first appeared in Belgium in […]
Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers Note: View the affidavit here. The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of […]
Governments have routinely urged ransomware victims not to pay ransom demands, as it only encourages them to attack even more victims. Now the UK government may prohibit government and public sector entities from paying. LBC reports: Security minister Dan Jarvis told LBC: “We want these cyber criminals who operate from Russia and elsewhere to look […]
The Hacker News reports that a notorious Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested: According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a […]
