Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union
The unrelated cyberattacks both occurred in January.
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
The unrelated cyberattacks both occurred in January.
MacOS data exfiltration malware poses as an update for Visual Studio code editor.
A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang. [...]
Honor among thieves about to be put to the test The US government has placed an extra $5 million bounty on Hive ransomware gang members – its second such reward in a year. And it also comes a little over 11 months since the FBI said it had shut down the criminal organization's network.…
Recent Victims Include Pennsylvania Emergency Dispatch SystemU.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.
Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. [...]
The U.S. State Department offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware gang. [...]
Ongoing Innovation and Sophistication Drive Unparalleled ProfitsAttackers wielding ransomware collectively earned over $1 billion last year - breaking previous records. Their increasingly sophisticated attacks targeted "high-profile institutions and critical infrastructure, including hospitals, schools and government," reported Chainalysis.
Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs. [...]
Chainalysis monitoring of blockchain transactions reveals ransomware payments hit a record $1bn in 2023
Still no word on how the intruders broke in or the full extent of any possible data compromise Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago.…
How good are your takedowns when fresh gangs are linked to previous ops, though? At least 25 new ransomware gangs emerged in 2023, with Akira and 8Base proving the most "successful," research reveals.…
Crypto theft, sextortion tactics, swattings, and ransomware: teenagers are increasingly taking up cybercrime for fun and profit — and experts credit an array of contributing factors.
Back Online: NGT Platform, Which Handles Daily Transactions Worth $100 BillionFinancial giant EquiLend Holdings said it's brought back online multiple systems, including its NGT platform that handles securities lending transactions worth $2.4 trillion every month, following an outage triggered by ransomware-wielding attackers gaining unauthorized access to its systems.