Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. The group is eschewing the use of ransomware and instead relies on targeted employees calling a phone number manned by the attackers and convincing them to install a remote […]
Continue ReadingHive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022. The threat actors behind the Hive ransomware-as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. cybersecurity and intelligence authorities. “As of November 2022, […]
Continue ReadingWanted! Not only the extortionist who abused the data, but also the CEO who let it happen.
Continue ReadingLatest episode – listen and read now! Use our advice to advise your own friends and family… let’s all do our bit to stand up to scammers!
Continue ReadingIt’s a simple jingle and it’s solid advice: “If in doubt, don’t give it out!”
Continue ReadingIn slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in its latest report detailing the workings of one of the most prolific ransomware / extortion gangs out there. In two years, the ransomware operators attacked more than 850 […]
Continue ReadingIf your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the “encrypt” button, which types of data are more likely to end up being disclosed as you debate internally on whether you should pay the ransomware gang off? Rapid7 analysts analyzed 161 data disclosures performed by […]
Continue ReadingThe Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with sensitive data about the employees and customers stolen from a victim organization. Alphv has created a @haveibeenpwned-like site on the clearnet where the employees and customers of a […]
Continue ReadingZscaler released the findings of its annual ThreatLabz Ransomware Report, which revealed an 80 percent increase in ransomware attacks year-over-year. In 2022, the most prevalent ransomware trends include double-extortion, supply chain attacks, ransomware-as-a-service, ransomware rebranding, and geo-political incited ransomware attacks. The report details which industries are being targeted the most by cybercriminals, explains the damage […]
Continue ReadingA new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnerabilities were exploited in the process – all for a fee, of course. […]
Continue Reading