Ransomware

Ransomware gangs are using the notorious LockBit’s reputation to intimidate victims and carry out sophisticated data exfiltration attacks via Amazon S3 Transfer Acceleration. These attacks exploit embedded AWS credentials and target Windows and macOS systems, encrypting data and applying pressure tactics to extract ransom payments.

Threat actors are exploiting a now-patched vulnerability in Veeam Backup & Replication (CVE-2024-40711) to deploy Akira and Fog ransomware. Using compromised VPN credentials, attackers create local accounts and spread ransomware, targeting enterprise backup systems. The flaw, rated 9.8 on the CVSS scale, enables remote code execution and was patched in September 2024.

Casio, the renowned Japanese tech company, has confirmed that a ransomware attack earlier this month compromised personal and confidential data of employees, job candidates, business partners, and some customers. The Underground ransomware group has claimed responsibility for the attack, leaking sensitive documents. Casio is urging affected individuals to remain cautious as they continue to investigate the breach.

Microsoft has recently highlighted a significant security threat posed by the threat actor known as Storm-0501, marking a concerning trend in ransomware attacks that extend into hybrid cloud environments.

In the dynamic landscape of cybersecurity, the Cactus ransomware has adeptly navigated through significant vulnerabilities within the Qlik Sense data

In September, there was an unprecedented surge in ransomware activity, which came after a period of reduced activity in August,

ExelaStealer, a brand-new information thief, has joined an already crowded field of commercial malware meant to steal sensitive information from

Cybersecurity experts have identified a new cybercrime group called ShadowSyndicate, previously known as Infra Storm. This group has been active