Hackers Weaponize SEC Disclosure Rules Against Corporate Targets
Ransomware group BlackCat/ALPHV files SEC complaint against its latest victim, putting an audacious new twist on cyber extortion tactics.
BlackCat is a ransomware family covered through reported incidents, technical analysis, disruption efforts, and defensive guidance for security teams.
Search across headline titles and summaries.
Background for this topic.
BlackCat is a ransomware family known for its advanced encryption and modular design, enabling customization by operators. It targets enterprise environments by encrypting files and demanding cryptocurrency payments for decryption keys. BlackCat’s code supports multiple encryption algorithms and can adapt to different network architectures, increasing its effectiveness and evasion capabilities.
Security teams should monitor for signs of BlackCat’s multi-stage attacks, which often include credential compromise, lateral movement, and data exfiltration before encryption. Defenses that limit privilege escalation, enforce network segmentation, and detect unusual file access or encryption activity are critical. Understanding BlackCat’s tactics helps prioritize threat hunting and incident response efforts focused on preventing or mitigating ransomware impact in complex enterprise networks.
Ransomware group BlackCat/ALPHV files SEC complaint against its latest victim, putting an audacious new twist on cyber extortion tactics.
Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later.
Ransomware Group Says MeridianLink Didn't Tell SEC About Cyberattack Within 4 DaysThe BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation.. [...]
Ransomware Group Says MeridianLink Didn't Tell SEC About Cyberattack Within 4 DaysThe BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
Ads for Slack and Cisco AnyConnect actually downloaded Nitrogen malware Affiliates of the ALPHV/BlackCat ransomware-as-a-service operation are turning to malvertising campaigns to establish an initial foothold in their victims' systems.…
BlackCat tries unusual extortion technique
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. [...]
Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth
Michigan Healthcare Provider Faces 7 Federal Lawsuits in Alphv/BlackCat Data TheftMcLaren Health Care is notifying nearly 2.2 million people of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in a recent attack. In the meantime, the number of lawsuits filed against McLaren related to the incident continues to climb.