Bridgestone Americas confirms ransomware attack, LockBit leaks data
A cyberattack on Bridgestone Americas, one of the largest manufacturers of tires in the world, has been claimed by the LockBit ransomware gang. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
A cyberattack on Bridgestone Americas, one of the largest manufacturers of tires in the world, has been claimed by the LockBit ransomware gang. [...]
A cyberattack on Bridgestone Americas, one of the largest manufacturers of tires in the world, has been claimed by the LockBit ransomware gang. [...]
He's the fifth member of the REvil ransomware gang to get busted in the past year.
US to try former Canadian government employee accused of ransomware attacks
The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...
Lapsus group appears to have compromised new targets
More than $28m in crypto-coins found in home, it is claimed US prosecutors on Thursday said they have extradited a Canadian man to America to face charges that he conspired to distribute ransomware.…
Not only is this payback sweet, it gives network defenders valuable intelligence It was a Ukrainian security specialist who apparently turned the tables on the notorious Russia-based Conti, and leaked the ransomware gang's source code, chat logs, and tons of other sensitive data about the gang's operations, tools, and costs. …
Sebastien Vachon-Desjardins of Gatineau, Quebec, Canada, allegedly responsible for some $28 million in ransomware losses from victims in the US.
The U.S. Department of Justice announced that alleged REvil ransomware affiliate, Yaroslav Vasinskyi, was extradited to the United States last week to stand trial for the Kaseya cyberattack. [...]
Defendant indicted over deployment of REvil ransomware arrives in America
Latest episode - listen now!
Little doubt about US federal court outcome A Ukrainian national alleged to be a member of the REvil ransomware gang has been extradited to the US and charged with multiple criminal offences.…
The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans (RATs) on compromised systems
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine.
Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
Report dives into recent leak of internal data on ransomware group
Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware with indicators of compromise (IoCs) consisting of close to 100 domain names used in malicious operations. [...]
Bureau releases indicators of compromise for the RagnarLocker ransomware that has hit 10 different critical infrastructure sectors.