Ingram Micro outage caused by SafePay ransomware attack
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. [...]
Some admins of Hunters International are now part of the encryption-less cyber extortion group World Leaks
Also, Spain Arrests Hacker Behind Leaks Targeting Politicians and JournalistsThis week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a Trojan.
Cybercrime Experts Greet Announcement With SkepticismHunters International said Thursday it closed shop, provoking skepticism among cybercrime experts who said it's more likely the Russian-speaking hackers behind the ransomware group will start up again under a new brand name. "Ransomware groups often rebrand themselves."
IdeaLab is notifying individuals impacted by a data breach incident last October when hackers accessed sensitive information. [...]
The insurance SaaS slinger may trade under a different name, but past continues to haunt it Young Consulting's cybersecurity woes continue after the number of affected individuals from last year's suspected ransomware raid passed the 1 million mark.…
ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks
Don't let their kind words sway you – leaders are still up to no good Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor.…
The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom. [...]
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. [...]
Aeza Group accused of assisting data bandits and BianLian ransomware crooks The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.…
The Treasury said that Aeza Group has provided infrastructure services for notorious infostealer and ransomware operators
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group to assist threat actors in their malicious activities and targeting victims in the country and across the world
Cyber insurance companies were forced to adapt once ransomware skyrocketed and highlighted crucial security weaknesses among organizations in all sectors.
The U.S. Department of the Treasury has sanctioned Russian hosting company Aeza Group and four operators for allegedly acting as a bulletproof hosting company for ransomware gangs, infostealer operations, darknet drug markets, and Russian disinformation campaigns. [...]
Russian Bulletproof Host Also Designated a Front Company in the UKThe United States cut off from the U.S.-dominated international financial system a Russian provider of digital infrastructure to cybercriminal groups, accusing St. Petersburg-based Aeza Group of hosting infostealers and ransomware operations. The U.S. said Aeza is a bulletproof hosting service.
Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company's operations worldwide in September 2023. [...]
The threat actor Sarcoma has been held responsible for a ransomware attack on a Swiss health foundation
Horizon Healthcare RCM Hints at Paying Ransom in Data Theft IncidentHorizon Healthcare RCM is the latest revenue cycle management software vendor to report a health data breach involving ransomware and data theft. The firm's breach notification statement suggests that the company paid a ransom to prevent the disclosure of its stolen information.