More Ransomware Victims Are Declining to Pay Extortionists
The number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom, said ransomware incident response firm Coveware, based on thousands of cases on which it worked. In the same…
Black Kite Unveils Monthly Ransomware Dashboards
Black Kite, the leader in third-party cyber risk intelligence, today unveiled the industry’s first monthly ransomware dashboard, featuring crucial insights for security teams, media, analysts, and other industry leaders. The resource provides data, graphs, trends, and key insights from Black Kite’s threat intelligence team about the top ransomware groups, their victims, and attack patterns. Black…
Russian Hacker Sentenced to Over 5 Years in US Prison
A U.S. federal judge sentenced a Russian national to five years and four months in prison for his role in developing TrickBot malware, which is used to target businesses, schools and hospitals across the country. Vladimir Dunaev in the U.S. District Court for the District of Northern Ohio in December pleaded guilty to one count…
UK Intelligence Agency Warns of Mounting AI Cyberthreat
Generative artificial intelligence-enabled ransomware and nation-state hacks in the United Kingdom are “almost certainly” likely to surge after this year, the National Cyber Security Center warned. And British lawmakers called on the government to roll out measures to prevent AI scams. In a report evaluating the cyber risk posed by artificial intelligence, the NCSC evaluated…
Medusa group steps up ransomware activities
A fast rising ransomware outfit is escalating its activities and has launched a new blog offering victims a variety of payoff options, according to a report released Thursday by Palo Alto Networks’ Unit 42. The new Medusa Blog is used by the group to post stolen data with the threat of exposing the data if…
Microsoft disables online Windows App Installer after attackers abuse it
Microsoft has disabled the App Installer functionality that allowed Windows 10 apps to be installed directly from a web page by clicking on a link that used the ms-appinstaller URI scheme. This functionality has been heavily abused in recent months by different threat actors to deploy ransomware and other malicious implants. “Threat actors have likely…
BlackCat Ransomware ‘Unseizing’ a Dark Web Stunt
The BlackCat ransomware-as-a-service operation’s putative “unseizing” of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Monday. The stunt was a “tactical error” that could alienate affiliates. U.S. authorities as part of an international law enforcement operation announced Monday morning that they…
Expert warns of Turtle macOS ransomware
The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…
British Library Confirms Ransomware Attack Caused Outages
After announcing that it had experienced a major outage at the beginning of the month, The British Library confirmed on Nov. 14 that the disruption was due to a ransomware attack. And recovery has been slow. Three weeks after the attack, the library’s website is still offline. The IT outage affects the library’s online systems,…
Rackspace Ransomware Costs Soar to Nearly $12M
Financial disclosures filed over the past year show that Rackspace Technology has continued to rack up expenses and losses following last year’s December ransomware attack on one of its hosted Microsoft Exchange servers. So far, the incident costs have soared well into eight figures. Rackspace is a Texas-based, cloud computing services provider, largely for small…
