Pierluigi Paganini June 22, 2024
Experts found a bug in the Linux version of RansomHub ransomware

The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encrypted to target VMware ESXi environments. Although RansomHub only emerged in February 2024, it has rapidly grown and has become the fourth most prolific ransomware operator over […]

Pierluigi Paganini June 18, 2024
The Financial Dynamics Behind Ransomware Attacks

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim’s data, rendering it inaccessible until a ransom is paid to the attackers. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate […]

Pierluigi Paganini June 04, 2024
A ransomware attack on Synnovis impacted several London hospitals

A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS hospitals in London. The attack forced the impacted hospitals to cancel some healthcare procedures, in […]

Pierluigi Paganini May 14, 2024
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign. The botnet has been active […]

Pierluigi Paganini May 12, 2024
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. Black Basta has targeted at least 12 critical infrastructure sectors, including […]

Pierluigi Paganini May 07, 2024
Law enforcement agencies identified LockBit ransomware admin and sanctioned him

The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him. The FBI, UK National Crime Agency, and Europol have unmasked the identity of the admin of the LockBit ransomware operation, aka ‘LockBitSupp’ and ‘putinkrab’ , and issued sanctions against him. It was the first time that […]

Pierluigi Paganini May 04, 2024
Blackbasta gang claimed responsibility for Synlab Italia attack

The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of medical diagnosis services, has been experiencing disruptions due to a cyber attack. The company initially cited technical issues as the cause leading to “temporary interruption of access […]

Pierluigi Paganini May 03, 2024
LockBit published data stolen from Simone Veil hospital in Cannes

LockBit ransomware operators have published sensitive data allegedly stolen from the Simone Veil hospital in Cannes. In April, a cyber attack hit the Hospital Simone Veil in Cannes (CHC-SV), impacting medical procedures and forcing personnel to return to pen and paper. Non-urgent surgical procedures and consultations scheduled at the time of the attack were postponed. The French […]

Pierluigi Paganini April 26, 2024
Sweden’s liquor supply severely impacted by ransomware attack on logistics company

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country’s liquor supply.  Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5% alcohol by volume. It operates stores across Sweden and is responsible […]

Pierluigi Paganini April 04, 2024
Jackson County, Missouri, discloses a ransomware attack

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. The County Executive Frank White, Jr. declared a state of emergency. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.” reads the statement […]