Security news aggregator

Latest coverage for Black Basta

Black Basta is a ransomware operation; coverage examines reported incidents, technical analysis, disruption, and defensive guidance for organizations.

107 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Black Basta is a ransomware operation that encrypts victims’ data and threatens to publish stolen information to pressure payment. The group is known for combining data encryption with data theft, increasing the impact on targeted organizations. Their attacks often involve exploiting vulnerabilities or compromised remote access to deploy ransomware payloads designed to evade detection and maximize disruption.

Security teams should focus on controlling remote access with multi-factor authentication, applying timely patches to known vulnerabilities, and segmenting networks to limit ransomware spread. Monitoring for indicators of compromise related to Black Basta’s tactics, such as unusual file encryption activity or data exfiltration, can help detect and contain incidents early. Understanding this dual-threat approach is critical for prioritizing defenses and response efforts against this ransomware family.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 107 Filtered view
Bank Info Security 5 months, 4 weeks ago

Ransomware 'Most Wanted': Cops Seek Head of Black Basta

Crackdown Targets Multiple Members of Cybercrime Group, Including 'Hash Crackers'Police raided two suspected members of the notorious Black Basta ransomware group - tied to over 600 victims worldwide and many millions in ransom payments - in Ukraine and issued an international arrest warrant for the Russian national suspected of being the operation's founder and ringleader.

Defunct Ransomware Group's Diaspora Includes Hackers With Focus on Microsoft TeamsBased on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices.

After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow"We are pentesters, not murderers," ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and Moscow.

Also: U.S. Health Data Privacy Crackdowns, Reality vs. Hype of LLMs in SecurityIn this week's update, four editors with ISMG explore the crumbling state of ransomware group Black Basta and implications for other cybercrime gangs, the expanding impact of U.S. health data privacy laws, and whether large language models are truly what they seem.

Loading more headlines...