35 matches found
2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit...
Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks
The U.S. Department of Justice DoJ on Thursday announced the sentencing of two cybersecurity professionals to four years each in prison for their role in facilitating BlackCat ransomware attacks in 2023. Ryan Goldberg , 40, of Georgia, and Kevin Martin , 36, of Texas, were accused of deploying th...
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino , 41, of Land O'Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime ga...
2 US Cybersecurity Experts Guilty of Extortion Scheme for ALPHV Ransomware
Can you trust your cybersecurity team? A recent federal case reveals how two US-based cybersecurity experts turned into affiliates for the BlackCat ransomware group, extorting over $1.2M in Bitcoin. Read the full story on their 2023 crime spree...
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat aka ALPHV ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator aka "Co-Conspirator 1" based ...
Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is...
BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group a.k.a. "ALPHV" as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide f...
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
Update: The U.K. National Crime Agency NCA has confirmed the takedown of LockBit infrastructure. Read here for more details. An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the...
Clorox counts the cost of cyberattack
Cleaning products maker Clorox has reported losses of $49 million in connection to a cyberattack it suffered in August of last year. On Monday, August 14, 2023, Clorox disclosed it had identified unauthorized activity on some of its IT systems. Despite a business continuity plan, the incident...
What is Blackcat Ransomware
Begin This Exploration: Unraveling the Mysteries of PantheraNegra Malware As new forks in the road of online threats emerge, an innovative peril has cast its shadow in the digital landscape – a danger we have identified as PantheraNegra Malware. What sets PantheraNegra Malware apart? Let's unrave...
FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool
The U.S. Justice Department DoJ has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigati...
ALPHV (BlackCat) Ransomware Using Google Ads to Target Victims
By Deeba Ahmed Yet another day, another instance of a Google service being exploited for spreading malware infections. This is a post from HackRead.com Read the original post: ALPHV BlackCat Ransomware Using Google Ads to Target Victims...
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like...
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 CVSS score: 9.9 - An unspecified flaw that can be leveraged by an unauthenticated user...
BlackCat Incorporates ‘Munchkin’ into Its Arsenal
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The BlackCat ransomware group has introduced a new tool called Munchkin in its operations. This tool employs virtual machines VMs to stealthily deploy encryptors on network devices. Munchkin allows the...
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider IDP as initial access into an environment with the goal of stealing Intellectual Property IP for extortion. LUCR-3 targets Fortune 20...
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware aka ALPHV and Noberus that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that cou...
Malvertising Attack Drops BlackCat Ransomware via Fake Search Results
By Waqas Happening through Google Search, hackers use a malicious ISO archive to distribute files that direct users to fake download pages of popular business applications. This is a post from HackRead.com Read the original post: Malvertising Attack Drops BlackCat Ransomware via Fake Search Resul...
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads
A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future...
FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to...