#ransomware

[ follow ]
#data-breach
UK news
fromwww.theguardian.com
4 days ago

Kido nursery hackers say they have deleted stolen data

Radiant deleted stolen Kido nursery children's data after exposure; the gang lost credibility and Kido refused to pay the ransom while authorities advised against payments.
Information security
fromTheregister
1 week ago

Volvo NA staff data stolen in third-party ransomware attack

Volvo North America employee names and social security numbers were exposed after a ransomware attack on HR system provider Miljödata.
#oracle-e-business-suite
fromIT Pro
4 days ago
Information security

Google warns executives are being targeted for extortion with leaked Oracle data

fromIT Pro
4 days ago
Information security

Google warns executives are being targeted for extortion with leaked Oracle data

Information security
fromTechzine Global
4 hours ago

Minimizing liability is not the same as security: Lessons learned from Collin's Aerospace cyberattack

A ransomware attack on Collins Aerospace's ARINC vMUSE disrupted European airport check-in systems, exposing vendor security and supply-chain vulnerabilities that require modernization and resilience.
Information security
fromSecurityWeek
6 hours ago

Beer Giant Asahi Says Data Stolen in Ransomware Attack

Asahi Group Holdings experienced a ransomware attack that caused week-long outages at domestic subsidiaries, disrupting orders, shipments, call centers, and resulting in data exfiltration.
UK news
fromwww.theguardian.com
1 day ago

Six out of 10 UK secondary schools hit by cyber-attack or breach in past year

UK educational institutions face disproportionately high cyber-attacks, with schools and universities frequently targeted by phishing, access-broker-facilitated breaches, and ransomware.
Information security
fromTheregister
2 days ago

No suds for you! Asahi attack leaves Japanese drinkers dry

A ransomware attack disabled Asahi's Japanese distribution and call-center systems, forcing manual order processing and causing domestic supply shortages while investigations continue.
#cyberattack
Information security
fromwww.theguardian.com
3 days ago

Japan days away from running out of Asahi Super Dry due to cyber attack reports

Asahi Group faces near depletion of flagship Super Dry within days after a ransomware attack halted production at most of its 30 domestic breweries.
#cybersecurity
Information security
fromTechCrunch
3 days ago

Hackers are sending extortion emails to executives after claiming Oracle apps' data breach | TechCrunch

Clop-linked hackers claim to have stolen sensitive data from Oracle E-Business Suite and are sending extortion emails to executives at numerous large organizations.
#google-drive
fromZDNET
6 days ago
Artificial intelligence

Google releases AI-powered ransomware detection features for cloud files

fromZDNET
6 days ago
Artificial intelligence

Google releases AI-powered ransomware detection features for cloud files

Information security
fromAbove the Law
5 days ago

When Ransomware Meets AI: The Next Frontier Of Cyber Extortion - Above the Law

Generative AI dramatically lowers the technical barrier to ransomware, creating fast, automated attacks that pose legal, operational, and reputational threats to law firms and clients.
fromWIRED
6 days ago

Google's Latest AI Ransomware Defense Only Goes So Far

Ransomware attacks have loomed for years as an urgent digital threat with no easy solution -especially as they have evolved to include data grab-and-leak attacks that may not even involve data-encrypting malware at all. Traditional ransomware that locks up files and systems is still rampant, though, and Google on Tuesday launched a new defense for its Google Drive for desktop apps that aims to quickly detect ransomware activity and halt cloud syncing before an infection can spread.
Information security
#phishing
fromZDNET
1 week ago
Information security

Phishing training doesn't stop your employees from clicking scam links - here's why

fromZDNET
1 week ago
Tech industry

Employees learn nothing from phishing security training, and this is why

fromZDNET
1 week ago
Privacy professionals

Employees learn close to nothing from phishing training, and this is why

fromZDNET
1 week ago
Information security

Phishing training doesn't stop your employees from clicking scam links - here's why

fromZDNET
1 week ago
Tech industry

Employees learn nothing from phishing security training, and this is why

fromZDNET
1 week ago
Privacy professionals

Employees learn close to nothing from phishing training, and this is why

Information security
fromwww.bbc.com
1 week ago

'You'll never need to work again': Criminals offer reporter money to hack BBC

Criminal gangs recruit insiders by offering employees a percentage of ransom payments in exchange for login credentials and PC access to facilitate ransomware attacks.
Healthcare
fromDataBreaches.Net
1 week ago

ApolloMD notifies patients of 11 physician practices affected by a June cyberattack - DataBreaches.Net

Qilin claimed to possess 238 GB of ApolloMD files and threatened to publish them; ApolloMD later confirmed unauthorized access but no leaked download appeared.
Information security
fromSecurityWeek
1 week ago

In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability

New Department of War CSRMC, Dragos Platform 3.0, a 3-million-record Lotte Card breach, and LockBit ransomware developments mark notable cybersecurity events.
fromTheregister
1 week ago

LockBit's new variant is 'most dangerous yet'

The Windows variant now loads payloads via DLL reflection and employs aggressive anti-analysis packing; the Linux variant accepts command-line directives to tailor which directories and file types to hit; and the ESXi version is built to seize virtualization infrastructure by encrypting VMs. What's more, each encrypted file is stamped with a random 16-character extension, a move designed to make restoring your data even more of a nightmare.
Information security
fromSecurityWeek
1 week ago

RTX Confirms Airport Services Hit by Ransomware

The company said in an SEC filing that it became aware of the cybersecurity incident on September 19. The disclosure does not mention Collins Aerospace, the subsidiary that offers the impacted airport check-in and boarding solutions. RTX confirmed that customers have resorted to backup and manual processes, which has led to flights being delayed and cancelled. The company explained that ransomware was found on "systems that support its Multi-User System Environment (MUSE) passenger processing software," adding, "This software enables multiple airlines to share check-in and gate resources at airports, including baggage handling.
Information security
#collins-aerospace
fromTechCrunch
2 weeks ago
Information security

EU cyber agency confirms ransomware attack causing airport disruptions | TechCrunch

fromTechCrunch
2 weeks ago
Information security

EU cyber agency confirms ransomware attack causing airport disruptions | TechCrunch

Information security
fromThe Verge
1 week ago

UK arrests man in airport ransomware attack that caused delays across Europe

A man in his forties was arrested on conditional bail over a ransomware attack on Collins Aerospace's MUSE system that disrupted European airport check-ins.
#cybercrime
#airports
fromTechCrunch
1 week ago
Miscellaneous

UK police arrest man linked to ransomware attack that caused airport disruptions in Europe | TechCrunch

fromTechCrunch
1 week ago
Miscellaneous

UK police arrest man linked to ransomware attack that caused airport disruptions in Europe | TechCrunch

#aviation
Information security
fromThe Hacker News
1 week ago

How One Bad Password Ended a 158-Year-Old Business

A single easily guessed password allowed Akira ransomware to cripple KNP Logistics, destroy backups, demand £5 million, and force administration, costing 700 jobs.
Information security
fromSecurityWeek
1 week ago

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

A HardBit ransomware variant infected Collins Aerospace systems, causing major European airport disruptions, persistent reinfections, and attribution complications due to affiliate sharing.
Information security
fromwww.bbc.com
1 week ago

Man arrested in connection with airport cyber-attacks

A 40-year-old man was arrested in West Sussex over a cyber-attack on Collins Aerospace that disrupted airport check-in and baggage systems, causing widespread flight delays.
Healthcare
fromSecuritymagazine
1 week ago

Disabling Hospital HVAC Is Now a Bargaining Chip in Ransomware

Many healthcare Building Management Systems are outdated, internet-exposed, and contain known exploited vulnerabilities that could enable cyberattacks affecting patient safety.
Miscellaneous
fromTechCrunch
1 week ago

European airports still dealing with disruptions days after ransomware attack | TechCrunch

Ransomware attack on Collins Aerospace disrupted check-in and boarding systems at multiple European airports, causing widespread flight delays and manual workarounds.
fromPrx
1 week ago

The World

The 80th session of the United Nations General Assembly is in New York this week. One issue that's at the top of the agenda is connected to the war in Gaza. Several countries announced over the weekend that they will formally recognize a state of Palestine. Other US allies are doing the same this week. Also, from London to Brussels and Berlin, some of Europe's biggest airports are grappling with a ransomware attack that has caused delays and cancellations.
World news
#scattered-spider
fromwww.aljazeera.com
2 weeks ago

Cyberattack on European airports caused by ransomware, EU finds

A cyberattack that has caused major airport disruptions in the United Kingdom, Germany and Belgium was caused by ransomware, the European Union Agency for Cybersecurity (ENISA) says. In a statement on Monday, ENISA said law enforcement was involved to investigate the software that holds data until those targeted pay to have their access back.
Miscellaneous
#microsoft
Miscellaneous
fromwww.theguardian.com
2 weeks ago

Poland will shoot down objects violating its airspace, PM says, as UN security council to meet over Russian provocations Europe live

Poland will shoot down any flying objects that violate its territory, will act cautiously in ambiguous cases, and seeks assurances of allied support before escalation.
Information security
fromTheregister
2 weeks ago

Ransomware attack linked to gold heist at museum

A ransomware attack disabled a French museum's security systems, enabling thieves to steal about $705,000 in gold nuggets that were likely melted and unrecoverable.
fromThe Hacker News
2 weeks ago

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

In a report examining the malicious use of LLMs, the cybersecurity company said AI models are being increasingly used by threat actors for operational support, as well as for embedding them into their tools - an emerging category called LLM-embedded malware that's exemplified by the appearance of LAMEHUG (aka PROMPTSTEAL) and PromptLock. This includes the discovery of a previously reported Windows executable called MalTerminal that uses OpenAI GPT-4 to dynamically generate ransomware code or a reverse shell.
Information security
fromDataBreaches.Net
2 weeks ago

Medical Associates of Brevard notifies 246,711 patients after cyberattack - DataBreaches.Net

On January 23, 2025, the Bian Lian ransomware gang added the Medical Associates of Brevard ("MAB") to its dark web leak site. At the time, they listed the types of data they claimed to have acquired, but did not provide any screenshots or proof of claims. Months later, BianLian went offline. What happened to any data they may have exfiltrated is not currenlty known to DataBreaches, but on September 5, 2025, MAB notified HHS that 246,711 patients were affected by the incident.
fromIT Pro
2 weeks ago

The top ransomware trends for businesses in 2025

The era where two or three RaaS operators controlled the majority of incidents appears to be over - at least for now. The distinction between initial access brokers, affiliates and core operators has become increasingly blurred.
Information security
Information security
fromThe Hacker News
2 weeks ago

CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader

CountLoader is a versatile malware loader used by Russian ransomware affiliates and IABs to deliver Cobalt Strike, AdaptixC2, PureHVNC RAT, and other post-exploitation tools.
Information security
fromTheregister
2 weeks ago

UK telco Colt's cyberattack recovery seeps into November

Colt's recovery from an August Warlock ransomware attack may extend into late November, leaving key customer portals, APIs and billing functions still disrupted.
Information security
fromDataBreaches.Net
2 weeks ago

Ransomware's new frontier: Extortion attacks evolve in Asia Pacific - DataBreaches.Net

Quadruple extortion—including DDoS and third‑party pressure—is emerging in ransomware, while double extortion remains most common; APAC sees over half of data breaches from ransomware.
#lockergoga
fromIT Pro
3 weeks ago
Information security

Prolific ransomware operator added to Europe's Most Wanted list as US dangles $10 million reward

fromIT Pro
3 weeks ago
Information security

Prolific ransomware operator added to Europe's Most Wanted list as US dangles $10 million reward

Information security
fromTheregister
2 weeks ago

Ransomware crims broke in, found recovery codes in plaintext

Unencrypted recovery codes on a desktop enabled attackers to bypass MFA, compromise detection tools, steal credentials, and deploy ransomware across the network.
Information security
fromThe Hacker News
3 weeks ago

Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

CISOs must prioritize preserving institutional trust and business continuity by securing complex relationships, supply chains, and adapting to AI-driven attacks and regulatory changes.
fromDataBreaches.Net
3 weeks ago

Uvalde CISD to close most of next week due to ransomware issue - DataBreaches.Net

The Uvalde Consolidated Independent School District will close for most of next week after the district detected ransomware in its servers, according to district officials. The district will close from Sept. 15-18 and will exchange the dates it is closed with other previously scheduled non-working days integrated into the current UCISD calendar. The ransomware detected by the district is affecting several essential online systems, including phones, thermostats, camera monitoring and visitor management systems, among critical services, the district said.
Information security
Information security
fromDataBreaches.Net
3 weeks ago

Interview with Valery Rie-Marchive - Managing Leaks in Ransomware Negotiations - DataBreaches.Net

Leaked ransomware negotiations can expose attacks, undermine communication strategies, damage trust, and invite further exploitation unless crisis communication and coordination are managed promptly.
#uefi-secure-boot-bypass
East Bay (California)
fromThe Oaklandside
3 weeks ago

Yet another data-breach letter? Here's what to do

Data breaches are increasingly common, exposing personal information and undermining trust in banks while requiring individuals and institutions to adopt stronger cybersecurity and response measures.
US politics
fromThe Hacker News
3 weeks ago

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence

Microsoft's insecure default settings and market dominance enabled ransomware attacks on U.S. critical infrastructure, prompting calls for an FTC probe.
fromSecuritymagazine
3 weeks ago

3 Major K-12 Cyber Risks and How to Mitigate Them

The biggest cyber risk to schools is our kids. Everyone talks about protecting grandma, but the reality is younger generations are the ones getting scammed the most. Gen Z in particular is impatient, naive, and easy to trick. Scam texts and calls bombard them every day, and they have not yet learned to pause and question what they are seeing.
Education
[ Load more ]