Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations

The LockBit ransomware gang recently suffered a significant data breach. Their dark web affiliate panels were defaced with the message "Don't do crime CRIME IS BAD xoxo from Prague," linking to a MySQL database dump. This archive contains a SQL file from LockBit's affiliate panel database that...

LockBit’s Dark Web Domains Hacked, Internal Data and Wallets Leaked

LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a…...

LockBit Developer Rostislav Panev Extradited from Israel to the US

The US extradites LockBit ransomware developer, Rostislav Panev, from Israel. Learn how his arrest impacts the fight against…...

Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in...

The New Ransomware Groups Shaking Up 2025

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents 33% of the year's total. Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise ...

RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024

RansomHub emerges as a major ransomware threat in 2024, targeting 600 organizations after ALPHV and LockBit disruptions. Group-IB…...

RansomHub Becomes 2024's Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service RaaS scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their...

Top 3 Ransomware Threats Active in 2025

You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48 hours or lose everything." And the worst part is that even after paying, there's no guarantee you'll ge...

Criminal Complaint against LockBit Ransomware Writer

The Justice Department has published the criminal complaint against Dmitry Khoroshev, for building and maintaining the LockBit ransomware...

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up. Hackers are using everyday tools in harmful...

Mystery Drone Sightings Lead to FAA Ban Despite No Detected Threats

Plus: Google’s U-turn on creepy “fingerprint” tracking, the LockBit ransomware gang’s teased comeback, and a potential US ban on the most popular routers in America...

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service RaaS operation since its inception in or around 2019 through at least February 2024. Rostislav Panev , 51, was arrested in Israel earlier...

LockBit Developer Rostislav Panev, a Dual Russian-Israeli Citizen, Arrested

LockBit ransomware gang's takedown is in progress!...

Qualys Achieves 100% Major Step Detection in the 2024 MITRE ATT&CK Evaluations, Enterprise

How Qualys Transformed from Risk Leader to EDR Powerhouse In today’s rapidly evolving threat landscape, ransomware continues to dominate as one of the most significant cybersecurity challenges. To help organizations evaluate their defenses against these sophisticated threats, the MITRE ATT&CK...

Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested

A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a...

Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks

Threat actors have been observed abusing Amazon S3 Simple Storage Service Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. "Attempts were made to disguise the Golang ransomware as the notorious LockBi...

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such ...

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions...

Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data

This article uncovers a Golang ransomware abusing Amazon S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions...

THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)

Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Trouble: Evil Corp&...