Security news aggregator

Latest coverage for RansomHub

RansomHub is a ransomware operation covered through reported incidents, technical analysis, disruption efforts, and defensive guidance.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

RansomHub is the name used for a ransomware operation and associated malware in cybersecurity reporting. The tag covers reported intrusions and extortion claims, malware and infrastructure analysis, possible disruption or law-enforcement activity, and defensive guidance. Because ransomware names can be applied inconsistently to related tools or campaigns, readers should verify technical indicators and source reporting before treating an incident as attributable to RansomHub.

For defenders, relevant work includes monitoring threat-intelligence reporting for validated hashes, domains, behaviors, and intrusion evidence; rapidly patching exposed systems where a confirmed vulnerability is involved; and preserving endpoint, identity, network, and cloud logs for investigation. If encryption or unauthorized access is suspected, isolate affected systems without destroying evidence, revoke potentially exposed credentials, assess whether data was accessed rather than relying on an extortion claim, and recover from tested offline or otherwise protected backups. Confirmed data exposure may also require privacy, contractual, or regulatory assessment.

Showing 6 most recent headlines Filtered view
The Register 1 year, 10 months ago

RansomHub hits 210 victims in just 6 months

The ransomware gang recruits high-profile affiliates from LockBit and ALPHV As RansomHub continues to scoop up top talent from the fallen LockBit and ALPHV operations while accruing a smorgasbord of victims, security and law enforcement agencies in the US feel it's time to issue an official warning about the group that's gunning for ransomware supremacy.…

Bank Info Security 1 year, 10 months ago

RansomHub Hits Powered by Ex-Affiliates of LockBit, BlackCat

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in FebruaryBeware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

Bank Info Security 1 year, 10 months ago

Florida Department of Health Informs RansomHub Hack Victims

Cybercriminal Group Claims to Have Published 100 Gigabytes of Agency's Stolen DataTwo months after RansomHub claimed to have published 100GBs of its stolen data on the dark web, the Florida Department of Health is notifying citizens that their sensitive information has been compromised. The attack affected the vital statistics system used to issue birth and death certificates.