A recent cybercriminal campaign from the Cuba ransomware group has displayed new capabilities and attack scope. Researchers claimed that the most destructive operation that the group operates is against a United States critical infrastructure and an Information Technology integrator in Latin America. This notorious ransomware group has been rampaging these past few months and attacked...Continue Reading

The Greater Manchester Police (GMP) disclosed that they had fallen victim to a ransomware attack, resulting in the compromise of the personal information of some of their employees. The law enforcement agency stated that the attack occurred earlier this week and targeted one of their third-party suppliers. However, they have kept the name of the...Continue Reading

A new malicious campaign that distributes variants of the Scarab ransomware has leveraged a new malicious toolset called Spacecolon. Researchers explained that this new campaign is a global operation and does not attack a specific region. Based on reports, the toolset could acquire entry to a targeted organisation by exploiting flawed web servers or utilising...Continue Reading

In the ever-evolving landscape of cybersecurity threats, ransomware attacks have emerged as a formidable menace. Recent revelations from new research reports shed light on the trends in ransomware attacks. Based on reports, there was a surge in ransomware incidents within the United Kingdom and worldwide during the first half of 2023.   Ransomware attacks in...Continue Reading

A research group has rolled out a free decryption tool to aid organisations that have fallen victim to the Key Group ransomware campaigns. Based on reports, the victims could acquire the free decryptor and recover their data without complying with the actors’ ransom demands. The ransomware group is a Russian-speaking cybercriminal organisation notorious for selling...Continue Reading

A new cybercriminal campaign where hackers exploit poorly managed Microsoft SQL servers distributes the FreeWorld ransomware. Researchers of this campaign call it DB#JAMMER, and it displays a new toolset and infrastructure for its attack process. Based on reports, the threat actors could gain initial access to a targeted host by executing a brute-force tactic to...Continue Reading

The FIN8 ransomware group is allegedly the threat actor that exploits the CVE-2023-3519 RCE flaw to compromise unpatched Citrix NetScaler systems. A security researcher has been observing the campaign this month, reporting that the attackers execute payload injections, leverage BlueVPS for malware stating, launch obfuscated PowerShell scripts, and deploy PHP webshells on targeted devices. The...Continue Reading

The Cl0p ransomware operators have changed their extortion tactic to apply more pressure on the victims of its recent MOVEit cybercriminal campaigns. The notorious group has compromised about 597 organisations by exploiting a zero-day flaw in the MOVEit secure transfer file platform. Last month, it started to extort its victims by including their identities on...Continue Reading

The Rhysida ransomware group has claimed the massive cyberattack on Prospect Medical Holdings. Based on reports, the incident has resulted in the heist of 500,000 corporate documents, social security numbers, and patient records. Researchers believe the attack happened earlier this month after the affected entity’s employees found ransom notes on their screens saying that their...Continue Reading

An Illinois-based healthcare institution has notified individuals that they have suffered a data breach incident after the Royal ransomware group added it to its list of victims. Based on reports, the attack could impact nearly 250,000 people and their personal information. The affected entity is Morris Hospital & Healthcare Centers. It revealed that they had...Continue Reading