Wanted Russian Cybercriminal Linked to Hive and LockBit Ransomware Has Been Arrested
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. [...]
Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. [...]
Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.
Second alleged intrusion on English NHS org systems this week Yet another of the UK's National Health Service (NHS) systems appears to be under attack, with a ransomware gang threatening to leak stolen data it says is from one of England's top children's hospitals.…
A pro-Russian hacktivist collective, CyberVolk, has launched its own ransomware-as-a-service operations, SentinelLabs has found
An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent
New Law Calls for Better Reporting, Securing Devices and Critical InfrastructureThe Australian government's proposed cybersecurity legislation passed both houses of the Parliament on Monday, formalizing the government's strategy to boost ransomware payment reporting, mandate basic cybersecurity standards for connected devices and enhance critical infrastructure security.
Blue Yonder Outage Causing Disruptions for Starbucks, Major Grocery Store ChainsMajor grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it's continuing to probe the attack and has no timeline for service restoration.
How cyber resilient storage hardware can defeat ransomware Sponsored Feature Ransomware is everywhere. The FBI and CISA just issued yet another advisory about it.…
Supply chain management provider Blue Yonder confirmed it was hit by ransomware attack
And it looks like major UK retailers that rely on it are feeling the pinch US-based supply chain SaaS vendor Blue Yonder has revealed a service disruption caused by ransomware, and its customers are reportedly struggling to get goods onto shelves as a result.…
The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.
Social Engineering Moves Mirror Nation-State Groups' Tactics, Researchers SayThe Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more "strategic, long-term planning" that security experts said suggests Russian state ties.
New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. [...]