Pierluigi Paganini
January 22, 2025
Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024. Threat actors used their own Microsoft 365 tenants and exploited a default Teams setting allowing […]
Pierluigi Paganini
January 13, 2025
FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late 2024, the gang published over 85 victims in December 2024. The group likely used AI-based systems to quickly develop advanced tools, blending hacktivism and cybercrime. However, […]
Pierluigi Paganini
December 26, 2024
A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency’s service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively responding to a ransomware attack that was first detected on Thursday, December 19. Pittsburgh Regional Transit (PRT) is the public transportation agency that serves the Pittsburgh […]
Pierluigi Paganini
December 17, 2024
Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach that impacted over 1.4 million individuals following a cyber attack. The security breach exposed the personal, health, and financial data from its health sciences centers, the Health […]
Pierluigi Paganini
November 27, 2024
Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries and dismantled 134,089 malicious networks. A joint law enforcement operation by INTERPOL and AFRIPOL across 19 African countries, dubbed Operation Serengeti, led to the arrest of 1,006 suspects. The authorities dismantled 134,089 malicious infrastructures and networks. “Operation Serengeti (2 September – 31 October) targeted criminals […]
Pierluigi Paganini
November 19, 2024
Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges. According to the DoJ, the […]
Pierluigi Paganini
November 19, 2024
A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The organization launched an investigation into the incident with the help of a cybersecurity firm. The healthcare center discovered that a threat actor […]
Pierluigi Paganini
November 08, 2024
Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the […]
Pierluigi Paganini
November 04, 2024
The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services. On July 29, 2024, the City published an update on the City’s website and confirmed that the […]
Pierluigi Paganini
October 25, 2024
The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. On February 21, a cyber attack disrupted IT operation of the healthcare organization, more than […]
Cyber Crime / November 25, 2025
