Akira ransomware listed Apache OpenOffice on its leak site, claiming 23GB of stolen data including employee PII (addresses, DOB, driver's licenses, SSN, credit cards), financial records, and internal…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#akira #ransomware #apache #open-source #data-breach #raas
Maritime industry (90% of global trade) facing escalating cyber incidents. What's brutal: 23,400 malware detections and 178 ransomware attacks across 1,800 vessels in H1 2024 alone, causing operationa…
Category: Threat Alerts / Critical Infrastructure / Maritime Security
#maritime-security #gps-spoofing #ot-security #ransomware #critical-infrastructure #imo
Swedish power grid operator Svenska kraftnät confirmed a data breach tied to the Everest ransomware group. The attack affected a limited external file transfer system but did not disrupt grid operatio…
Category: Breach / Critical Infrastructure / Energy Sector
#ransomware #everest #energy #critical-infrastructure
Everest ransomware group released sensitive records allegedly stolen from AT&T and Dublin Airport, including passenger manifests and operational data. The leak follows previous attacks attributed to t…
Category: Breach / Data Exposure / Ransomware Leak
#ransomware #everest #breach #leak #att #dublin-airport
LockBit 5.0 has re-emerged as a dominant ransomware operation, with NCC Group and Check Point data showing a 28% rise in global ransomware incidents. Despite a previous multinational takedown, the gro…
Category: Threat Intelligence / Ransomware / LockBit Operations
#ransomware #lockbit #raas #malware
GovInfoSecurity reports Everest threatened release of 1.5M Dublin Airport passenger records, linked to the September Muse software incident affecting multiple EU airports. Conflicting narratives sugge…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#ransomware #aviation #everest #collins-aerospace
Industrial Cyber notes Qilin reached 700 attacks in 2025, with heavy impact on manufacturing, government, education, and healthcare. Data theft totals exceed 116 TB, with the U.S. the most targeted. A…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#qilin #ransomware #raas #manufacturing
Check Point’s weekly bulletin highlights multiple incidents: Toys 'R' Us Canada breach, Askul ransomware disrupting logistics, Verisure data breach via billing partner, LastPass-themed phishing tied t…
Category: Threat Alerts / Threat Intelligence / Threat Intelligence
#weekly #cve #ransomware #apt
The Safepay ransomware group claimed responsibility for breaching German surveillance provider Xortec, listing the company on its leak site with a ransom deadline of October 27, 2025. The attack highl…
Category: Threat Alerts / Ransomware / Ransomware
#ransomware #supply-chain #xortec #safepay #breach
The Everest ransomware group claims to have stolen over 1.5 million passenger records from Dublin Airport and employee data from Air Arabia. The leak, part of an ongoing aviation-targeting campaign, u…
Category: Threat Alerts / Ransomware / Ransomware
#ransomware #aviation #everest #breach #airlines
Check Point researchers have confirmed the resurgence of the LockBit ransomware group with the release of LockBit 5.0, targeting organizations across multiple continents. The new variant introduces en…
Category: Threats / Ransomware / LockBit
#ransomware #lockbit #apt #cybercrime #threat
CrowdStrike’s State of Ransomware survey highlights a widening confidence gap: while half of 1,100 leaders believe they’re “very well prepared,” 78% were attacked in the last year and only 22% restore…
Category: Industry News / Research & Tools / Research & Tools
#ransomware #survey #ai #downtime #preparedness
ReliaQuest reports RaaS operators increasingly bundle AI‑powered tooling for affiliates, shrinking breakout time from 48 minutes in 2024 to ~18 minutes mid‑2025. LockBit and DragonForce gain share wit…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#ransomware #raas #ai #breakout-time
Australian hydraulics supplier Aussie Fluid Power confirmed a security incident following Anubis’ claim of a ransomware attack. The company engaged forensics, reported to ACSC, and is notifying potent…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#ransomware #manufacturing #anubis #acsc
Askul, a major Japanese retailer and logistics operator, suspended online orders and shipments across brands (Askul, Lohaco, Soloel Arena) following a ransomware attack that crippled systems. Ripple e…
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#ransomware #retail #japan #logistics
Microsoft’s Digital Defense Report highlights the dominance of financially motivated threats, with over half of investigated incidents tied to extortion/ransomware and a surge in identity attacks driv…
Category: Industry News / Research & Tools / Research & Tools
#microsoft #digital-defense-report #ransomware #phishing #identity
The Qilin ransomware group announced new victims, including Spain’s tax agency, Turnkey Africa, and multiple U.S. organizations. Resecurity’s report highlights Qilin’s reliance on bulletproof hosting …
Category: Threat Intelligence / Ransomware / Ransomware
#qilin #ransomware #raas #resecurity #bulletproof-hosting
Michigan City, Indiana confirmed a ransomware attack that forced systems offline on September 23, later claimed by the Obscura group, which alleges theft of 450 GB of data. Officials report ongoing fo…
Category: Threat Alerts / Incident Response & DFIR / Ransomware Incidents
#ransomware #municipal #obscura #data-theft
Unit 42 documents a BlackSuit ransomware intrusion operated by Ignoble Scorpius. Initial access via vishing-led credential theft enabled VPN login, followed by DCSync to steal privileged creds, latera…
Category: Threat Alerts / Malware & Ransomware / Ransomware TTPs
#ransomware #blacksuit #ad #esxi #anydesk #rclone
Check Point Research’s 13 October threat bulletin aggregates multiple high-impact events across sectors. Qilin ransomware claimed responsibility for an intrusion at Asahi (Japan), exfiltrating ~27GB a…
Category: Threat Alerts / Threat Intelligence / Threat Intelligence
#ransomware #cloud #iam #botnet #extortion #breach
Clop ransomware listed Harvard University on its leak site, claiming imminent data release. The group is known for double extortion and large-scale campaigns like MOVEit and Accellion.
Category: Threat Alerts / Malware & Ransomware / Malware & Ransomware
#ransomware #double-extortion #higher-education #Clop #TA505