Tag: ransomware attacks
14 articles

Ransomware Attacks Surge Through Compromised Logins
Ransomware attacks are surging, with a staggering 79% of incidents linked to compromised identities and legitimate user logins, making it the most common entry point for hackers. This marks a significant shift away from traditional software flaw exploitation, now accounting for just 18% of initial attacks.

Citrix Bleed 2 Exploit Fuels Ransomware Attacks
Ransomware attacks are on the rise, fueled by a new exploit that has already made a significant impact, and now a major software company has ordered its customers to take critical systems offline due to a credible security threat. Progress has urged customers to shut down vulnerable Windows servers to prevent potential breaches.

Ransomware Operators Leverage AI for Autonomous Attacks
Meet JADEPUFFER, a pioneering threat actor that's harnessing AI to launch autonomous ransomware attacks - and adapting in real-time to get the job done. This groundbreaking tactic has been observed by researchers, who spotted JADEPUFFER's lightning-fast 31-second pivot from a failed login to a successful exploit.

Ransomware Attacks Targeted via Fake Interpol Emails
Beware of fake Interpol emails that could be ransomware traps! Cybercriminals are impersonating the law enforcement agency, sending unsolicited emails with suspicious links and password-protected files, trying to trick organizations into compromising their security.

Ransomware Attacks Surge Across Europe
Ransomware attacks are surging across Europe, with a staggering 55.1% year-over-year increase in just the first four months of 2026, averaging 171 incidents per month. Five key countries - Germany, the UK, France, Italy, and Spain - are bearing the brunt, accounting for 70% of all recorded attacks.

Ransomware Attacks Shift to Data Theft Tactics
Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

Law Enforcement Disrupts First VPN Service Tied to Ransomware Attacks
In a major cybercrime crackdown, law enforcement agencies have dismantled a notorious VPN service used by ransomware attackers, seizing 33 servers and taking its domains offline in a coordinated operation across 27 countries. The takedown of First VPN, a so-called "no-logs" provider, has dealt a significant blow to threat actors behind ransomware and data theft campaigns.

MuddyWater Exploits Microsoft Teams in False Flag Ransomware Attacks
MuddyWater hackers are impersonating Chaos ransomware affiliates, using clever social engineering tactics via Microsoft Teams to steal credentials and gain access to sensitive systems. Their sophisticated campaign involves interactive screen-sharing and manipulation of multi-factor authentication.

Cybersecurity Experts Imprisoned for Ransomware Extortion Scheme
Two American cybersecurity experts, Ryan Goldberg and Kevin Martin, have been sentenced to prison for their roles in a brazen 2023 ransomware campaign that targeted companies across the United States. Their crimes have brought to light the severe consequences of cyberattacks and the importance of protecting businesses from such threats.

US Sentences Two Cybersecurity Pros for BlackCat Ransomware Role
Two cybersecurity experts turned to a life of crime, using their specialized knowledge to extort victims through BlackCat ransomware attacks, and have been sentenced to four years in prison for their roles. Ryan Goldberg and Kevin Martin deployed the ransomware against multiple US victims between April and December 2023.

Microsoft Uncovers Storm-1175's Medusa Ransomware Link
Microsoft just dropped a crucial report linking Storm-1175, a notorious threat actor, to high-velocity Medusa ransomware attacks that exploit flaws in networked systems. This newly uncovered connection raises the alarm for anyone building, defending, or relying on these systems to stay vigilant against Medusa ransomware attacks.

China-Linked Storm-1175 Weaponizes Zero-Days to Fuel Medusa Ransomware Blitz
Medusa ransomware attacks are happening at alarming speed, thanks to a China-linked threat actor called Storm-1175 that is exploiting a potent mix of zero-day and known vulnerabilities to rapidly infect exposed systems. This high-velocity campaign is a stark reminder of the evolving ransomware threat landscape.

BKA Unmasks REvil Ransomware Leaders Behind 130 German Attacks
Germany's Federal Criminal Police Office has made a major breakthrough, unmasking the leaders behind the notorious REvil ransomware operation, responsible for 130 devastating attacks on companies, hospitals, and municipalities across the country. The culprits, once hidden behind aliases, have finally been exposed.

Akira Ransomware Executes Attacks in Under 60 Minutes
Akira ransomware has become alarmingly efficient, capable of executing a full-scale attack in under 60 minutes - leaving organizations with an incredibly tight window to detect and respond to threats. This lightning-fast strike highlights the urgent need for robust security measures to counter the rapidly evolving ransomware landscape.