Tag: Ransomware

Four young people lie on green grass in colorful clothing, viewed from above, smiling and relaxing.

Hackers ate my homework: Educational SaaS Canvas down after cyberattack

ShinyHunters takes the credit and gives developer an F for security

Don't pay Vect a ransom - your data's likely already wiped out

'Full recovery is impossible for anyone, including the attacker'

Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt

Security giant says attackers grabbed 'limited set' of data. Crooks claim 10 million records

Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide

Lawmakers decry CISA cuts: 'We are shooting ourselves in the foot'

REG AD

Men in suits on opposite side of a table angrily pointing at each other

Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords

Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million

Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul

Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole

Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed

Publisher claims misconfigured Salesforce-hosted page leaked data

Automotive data biz Autovista blames ransomware for service disruption

Some customer orgs tell staff to block inbound email from the provider

No honor among thieves as 0APT threatens rival ransomware gang Krybit

Honey, the skids are fighting again

Someone playing Grand Theft Auto on a screen

Rockstar Games gets a taste of grand theft data

ShinyHunters claims it accessed Snowflake metrics via third-party tool

Criminal wannabes even more dangerous than the pros, says ex-FBI cyber chief

If they don't know what they're doing, you might never get your data back

Dutch healthcare software vendor goes dark after ransomware attack

ChipSoft's website remains down but emails are functioning

REG AD

Russian initial access broker who fed ransomware crews gets 81 months in US prison

Aleksei Volkov sentenced after enabling attacks that cost victims millions

US chip testing firm shrugged off ransomware hit as minor – then came the data leak

Trio-Tech International initially said hack wasn't 'material,' but then stolen data was published

Ransomware crims abused Cisco 0-day weeks before disclosure, says Amazon security boss

Interlock's post-exploit toolkit exposed

EV charger biz ELECQ zapped by ransomware crooks, customer contact data stolen

An attack on the company’s AWS platform may have exposed customers' names and home addresses

Double whammy: Steaelite RAT bundles data theft, ransomware in one evil tool

Credential and cryptocurrency theft, live surveillance, ransomware - an attacker's Swiss Army knife

Ransomware payments cratered in 2025, but attacks surged to record highs

Smaller crews piled in as old names splintered and rebranded

North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware

New ransomware of choice, same critical targets

Polish cops nab 47-year-old man in Phobos ransomware raid

Police say seized kit contained logins, passwords, and server IP addresses

Infosec exec sold eight zero-day exploit kits to Russia, says DoJ

PLUS: Fake ransomware group exposed; EC blesses Google's big Wiz deal; Alleged sewage hacker cuffed; And more

Who's the bossware? Ransomware slingers like employee monitoring tools, too

As if snooping on your workers wasn't bad enough

Nitrogen ransomware is so broken even the crooks can't unlock your files

Gang walks away with nothing, victims are left with irreparable hypervisors

CISA updated ransomware intel on 59 bugs last year without telling defenders

GreyNoise's Glenn Thorpe counts the cost of missed opportunities

Ransomware crims forced to take off-RAMP as FBI seizes forum

Cybercrime solved. The end

Ingram Micro admits summer ransomware raid exposed thousands of staff records

Maine filing confirms July attack affected 42,521 employees and job applicants

Oleg Evgenievich Nefekov - credit: Federal Criminal Police Office (BKA)

German cops add Black Basta boss to EU most-wanted list

Ransomware kingpin who escaped Armenian custody is believed to be lying low back home

'Imagination the limit': DeadLock ransomware gang using smart contracts to hide their work

New crooks on the block get crafty with blockchain to evade defenses

Putinswap: France trades alleged ransomware crook for conflict researcher

Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant

A screenshot of a ransomware infection warning on a PC display

Ransomware attacks kept climbing in 2025 as gangs refused to stay dead

Cop wins hit crime infrastructure, not the people behind it

LockBit takedown architect gets New Year award from King Charles

Gavin Webb orchestrated Operation Cronos as it pulled off the legendary disruption sting

Cybersecurity pros admit to moonlighting as ransomware scum

Pair became ALPHV affiliates to prey on US-based clients

REG AD

From pr0n to playlists and paperclips, trio of breaches spills data of millions

Adult site, streaming platform, and Japanese retailer expose user info, but not credentials

Russian hackers debut simple ransomware service, but store keys in plain text

Operators accidentally left a way for you to get your data back

Virtualization

Researchers spot 700 percent increase in hypervisor ransomware attacks

Get your Hyper-V and VMware ESXi setups in order, people

Here’s your worst nightmare: E-tailer can only resume partial sales 45 days after ransomware attack

Japan’s Askul still can’t run all its sites, but at least the fax line held up OK

REG AD

Zendesk users targeted as Scattered Lapsus$ Hunters spin up fake support sites

ReliaQuest finds fresh crop of phishing domains and toxic tickets

Scottish council still rebuilding systems two years after ransomware attack

Audit sympathetic toward Comhairle nan Eilean Siar as staff stretched to capacity trying to recover

CodeRED emergency alert system CodeDEAD after INC ransomware attack

Regions across US affected, and one tore up its contract for the product

Corporate predators get more than they bargain for when their prey runs SonicWall firewalls

Acquirers inherit more than staff and systems

Get ready for 2026, the year of AI-aided ransomware

State-backed crews are already poking at autonomous tools, Trend Micro warns

Alleged Media Lab BPH operatives Aleksandr Volosovik and Yulia Pankova

US, UK, Australia sanction Lockbit gang’s hosting provider

‘Bulletproof’ hosts partly dodged the last attack of this sort

CISA flags imminent threat as Akira ransomware starts hitting Nutanix AHV

Advisory updated as leading cybercrime crew opens up its target pool

Ransomed CTO falls on sword, refuses to pay extortion demand

Checkout.com will instead donate the amount to fund cybercrime research

Extra, extra, read all about it: Washington Post clobbered in Clop caper

Nearly 10,000 staff and contractors warned after attackers raided newspaper's Oracle EBS setup

Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff

Clop's Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech.

Cyber insurers paid out over twice as much for UK ransomware attacks last year

Massive increase in policy claims… and data doesn’t even cover the major attacks of 2025

Russian broker pleads guilty to profiting from Yanluowang ransomware attacks

Aleksei Volkov faces years in prison, may have been working with other crews

Gootloader malware back for the attack, serves up ransomware

Move fast - miscreants compromised a domain controller in 17 hours

MIT Sloan quietly shelves AI ransomware study after researcher calls BS

Even AI has doubts about the claim that '80% of ransomware attacks are AI-driven'

Ransomware negotiator, pay thyself!

Rogues committed extortion while working for infosec firms

Ransomware gang runs ads for Microsoft Teams to pwn victims

You click and think you're getting a download page, but get malware instead

REG AD

Firewalls and VPNs are so complex now, they can actually make you less secure

A report from cyber-insurer At-Bay fingers Cisco and Citrix VPNs as most likely to lead to ransomware trouble

Muji's minimalist calm shattered as ransomware takes down logistics partner

Japanese retailer halts online orders after attack cripples third-party vendor

How malware vaccines could stop ransomware's rampage

Security pros explore whether infection-spoofing code can immunize Windows systems against attack

Person hides face in shocked anticipation of something horrible. Photo via shutterstock

A simple AI prompt saved a developer from this job interview scam

Plus: Ransomware posing as Teams installer, Cisco 0-day exploit to drop rootkit, and European cops bust SIM-box service

Machine learning meets malware: how AI-powered ransomware could destroy your business

How to avoid your business being felled by an AI-powered ransomware attack that costs less than a laptop.

Asahi breach leaves bitter taste as brewer fears personal data slurped

Japan's beer behemoth still mopping up after ransomware spill that disrupted deliveries and delayed results

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

And they’re likely still abusing the same SharePoint flaws for initial access

Cops nuke BreachForums (again) amid cybercrime supergroup extortion blitz

US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce

3 more infamous cybercrime crews team up to 'maximize income' in 'challenging' ransomware biz

It's hard out there for a crim

Take this rob and shove it! Salesforce issues stern retort to ransomware extort

CRM giant 'will not engage, negotiate with, or pay' the scumbags

Teens arrested in London preschool ransomware attack

Both men, 17, taken into custody

Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried

You can't find anything bad if you don't look, right?

No suds for you! Asahi brewery attack leaves Japanese drinkers dry

One week after the blitz, beer biz is still stymied

'Retired' cybercrime group demands ransom not to leak 1B Salesforce records

CRM giant insists its platform wasn’t breached

businessman shrugging - illustration via shutterstock

Oracle tells Clop-targeted EBS users to apply July patch, problem solved

Researchers suggest internet-facing portals are exposing 'thousands' of orgs

Ransomware scumbags say they deleted kids' info after other gangs called them out

Honor among thieves - extortion is fine, but no juveniles, please

Clop-linked crims shake down Oracle execs with data theft claims

Extortion emails name-drop Big Red's E-Business Suite, though Google and Mandiant yet to find proof of any breach

Schools are swotting up on security yet still flunk recovery when cyberattacks strike

Coursework 'gone forever' as 10% report critical damage

Asahi runs dry as online attackers take down Japanese brewer

No personal info gulped as yet, but don't call for help

Volvo North America confirms staff data stolen following ransomware attack on IT supplier

The downstream consequences of Miljödata’s ransomware attack continue to affect major organizations

The theft of children's data is especially egregious

Callous crims break into preschool network, publish toddlers' data

Images of toddlers and home addresses leaked in reprehensible landmark attack

Cops cuff another teen over alleged Scattered Spider attack that broke Vegas casinos

Not old enough to drink, old enough to be accused of causing millions in damage

Ransomware attack linked to museum break-in and theft of golden exhibits

PLUS: Luxury brands under fire; FBI warns crims are spoofing it again; ICE buys phone cracking software

Alleged Scattered Spider teen cuffed after extortion Bitcoin used to buy games, meals

Feds say gift card splurges tied suspect to multimillion-dollar ransomware crew

Insight Partners confirms ransomware hit, more than 12,000 caught in data dragnet

VC giant rebuilt boxes, patched holes, and says it’s beefed up security – but won’t say who did it

Scattered Spider gang feigns retirement, breaks into bank instead

You didn't really trust the crims to keep their word, did you?

Careless engineer stored recovery codes in plaintext, got whole org pwned

Cautionary tale from the recent SonicWall attacks

Someone using their laptop in a deck chair on the beach, in the sea, as the sunsets while holding a martini

15 ransomware gangs ‘go dark’ to enjoy 'golden parachutes'

PLUS: China's Great Firewall springs a leak; FBI issues rare 'Flash Alert' of Salesforce attacks; $10m bounty for alleged Russian hacker; and more

HybridPetya: More proof that Secure Boot bypasses are not just an urban legend

Although it hasn't been seen in the wild yet

Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks

Patch, turn on MFA, and restrict access to trusted networks…or else

Uncle Sam indicts alleged ransomware kingpin tied to $18B in damages

Prosecutors claim Ukrainian ran LockerGoga, MegaCortex, and Nefilim ops – $11M bounty on his head

Someone upset at ransomware infecting their PC

The crazy, true story behind the first AI-powered ransomware

tldr; boffins did it

It looks like you’re ransoming data. Would you like some help?

AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates

Ransomware crooks knock Swedish municipalities offline for measly sum of $168K

Miljödata meltdown leaves 200 local authorities scrambling over 1.5 BTC

The intruder is in the house: Storm-0501 attacked Azure, stole data, demanded payment via Teams

Don't let it happen to you

First AI-powered ransomware spotted, but it's not active – yet

Oh, look, a use case for OpenAI's gpt-oss-20b model

Short circuit: Electronics supplier to tech giants suffers ransomware shutdown

Amazon, Apple, Google, and Microsoft among major customers

Woman in hospital (in hospital gown) covers face with hands

Kidney dialysis giant DaVita tells 2.4M people they were snared in ransomware data theft nightmare

Health details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gang

Networks

Colt changes tune, admits data theft as Warlock gang begins auction

Worried about your data? No probs, says firm, we'll check the dark web crims' list for you! Yes really

Ransomware crews don't care about your endpoint security – they've already killed it

Some custom malware, some legit software tools

Ransomware crew spills Saint Paul's 43GB of secrets after city refuses to cough up cash

Manpower franchise discloses data theft after RansomHub posts alleged stolen data

BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown

Oh, great. Three notorious cybercrime gangs appear to be collaborating

SonicWall investigates 'cyber incidents,' including ransomware targeting suspected 0-day

German phone repair biz collapses following 2023 ransomware attack

As ransomware gangs threaten physical harm, 'I am afraid of what's next,' ex-negotiator says

Ransomware gang sets deadline to leak 3.5 TB of Ingram Micro data

Microsoft: SharePoint attacks now officially include ransomware infections

UK to ban ransomware payments by public sector organizations

French cops cuff Russian pro basketball player on ransomware charges

NCA arrests four in connection with UK retail ransomware attacks

Ingram Micro restarts orders – for some – following ransomware attack

Phishing platforms, infostealers blamed as identity attacks soar

Stalkerware firm gets scooped by SQL-slinging security snoop

Ingram Micro confirms ransomware behind multi-day outage

Young Consulting finds even more folks affected in breach mess – now over 1 million

Ransomware crew Hunters International shuts down, hands out keys to victims

US imposes sanctions on second Russian bulletproof hosting vehicle this year

Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks

It's 2025 and almost half of you are still paying ransomware operators

Qilin ransomware attack on NHS supplier contributed to patient fatality

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Second attack on McLaren Health Care in a year affects 743k people

Experts count staggering costs incurred by UK retail amid cyberattack hell

Looks like Aflac is the latest insurance giant snagged in Scattered Spider’s web

Qilin ransomware top dogs treat their minions to on-call lawyers for fierier negotiations

Scattered Spider has moved from retail to insurance

Remorseless extortionists claim to have stolen thousands of files from Freedman HealthCare

Ransomware scum disrupted utility services with SimpleHelp attacks

Winning the war on ransomware with AI: Four real-world use cases

US infrastructure could crumble under cyberattack, ex-NSA advisor warns

A mock-up of a message from a ransomware infection demanding money to decrypt scrambled files

Your ransomware nightmare just came true – now what?

Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes

Ransomware scum leak patient data after disrupting chemo treatments at Kettering

Lumma infostealer takedown may have inflicted only a flesh wound as crew keeps pinching and selling data

Cartoon man with hat and tie. Facial features replaced by question mark.

Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

Public Sector

Aussie businesses now have to fess up when they pay off ransomware crims

US medical org pays $50M+ to settle case after crims raided data and threatened to swat cancer patients

Crims defeat human intelligence with fake AI installers they poison with ransomware

DragonForce double-whammy: First hit an MSP, then use RMM software to push ransomware

Ransomware attack on MATLAB dev MathWorks – licensing center still locked down

Ransomware scum leaked Nova Scotia Power customers' info

Rubber duck (classic, yellow) floats on water. Photo by shutterstock

Feds finger Russian 'behind Qakbot malware' that hit 700K computers

Scottish council admits ransomware crooks stole school data

Boy with a torch facing giant spider in mysterious forest

Scattered Spider snared financial orgs before targeting shops in Britain, America

Ransomware attack on food distributor spells more pain for UK supermarkets

Storage

Transform your storage ownership experience with guaranteed IT outcomes

Ex-NSA bad-guy hunter listened to Scattered Spider's fake help-desk calls: 'Those guys are good'

Broadcom employee data stolen by ransomware crooks following hit on payroll provider

Cyber fiends battering UK retailers now turn to US stores

Here's what we know about the DragonForce ransomware that hit Marks & Spencer

Metal maker meltdown: Nucor stops production after cyber-intrusion

Ransomware scum have put a target on the no man's land between IT and operations

A view of a lamborgini, outside Harrods in Knightsbridge, London –

Unending ransomware attacks are a symptom, not the sickness

DOGE worker's old creds found exposed in infostealer malware dumps

You think ransomware is bad now? Wait until it infects CPUs

Interior of The British Library, The King's Library inside hall, London, UK

Data watchdog will leave British Library alone – further probes 'not worth our time'

Ransomware scum and other crims bilked victims out of a 'staggering' $16.6B last year, says FBI

Fog ransomware channels Musk with demands for work recaps or a trillion bucks

A pot of $250K is now available to ransomware researchers, but it feeds a commercial product

Spotlight on RSAC

Illustration of someone putting Bitcoin into a lock

Guess what happens when ransomware fiends find 'insurance' 'policy' in your files

US sensor giant Sensata admits ransomware derailed ops

Disaster Recovery Week

Heterogeneous stacks, ransomware, and ITaaS: A DR nightmare

Crimelords at Hunters International tell lackeys ransomware too 'risky'

Disaster Recovery Week

Ransomware crews add 'EDR killers' to their arsenal – and some aren't even malware

Graphic of skull and cross bones made of binary colored with the russian flag colors over a keyboard

Cyber-crew claims it cracked American cableco, releases terrible music video to prove it

Security shop pwns ransomware gang, passes insider info to authorities

Ransomwared NHS software supplier nabs £3M discount from ICO for good behavior

Steam punk style vampire hunter with a gun

VanHelsing ransomware emerges to put a stake through your Windows heart

WASHINGTON - OCTOBER 26: Signs held by protesters during a rally against mass surveillance in Washington, DC on October 26, 2013.

Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up

New kids on the ransomware block channel Lockbit to raid Fortinet firewalls

Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand

Rhysida pwns two US healthcare orgs, extracts over 300K patients' data

Spotlight on RSAC

How NOT to f-up your security incident response

The NHS security culture problem is a crisis years in the making

Distorted screenshot of the Garantex seizure notice

Uncle Sam charges alleged Garantex admins after crypto-exchange web seizures

Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware

International cops seize ransomware crooks' favorite Russian crypto exchange

Qilin ransomware gang boasts of cyberattacks on cancer clinic, Ob-Gyn facility

Bootnotes

Cybercrims now licking stamps and sending extortion demands in snail mail

Ransomware thugs threaten Tata Technologies with leak if demands not met

Illustration of a hard disk drive disintegrating

Microsoft signed a dodgy driver and now ransomware scum are exploiting it

US Cyber Command reportedly pauses cyberattacks on Russia

Ransomware criminals love CISA's KEV list – and that's a bug, not a feature

Southern Water takes the fifth over alleged $750K Black Basta ransom offer

Experts race to extract intel from Black Basta internal chat leaks

Ghost ransomware crew continues to haunt IT depts with scarily bad infosec

Medusa ransomware gang demands $2M from UK private health services provider

Celeb exits car while paparazzi try to take her picture

London celebrity talent agency reports itself to ICO following Rhysida attack claims

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

Gmail icon photo by I AM NIKOM via Shutterstock

Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps

Public Sector

Fujitsu worries US tariffs will see its clients slow digital spend

President Xi looking upset at IT workers

Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

Ransomware isn't always about the money: Government spies have objectives, too

Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining

UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers

All your 8Base are belong to us: Ransomware crew busted in global sting

If Ransomware Inc was a company, its 2024 results would be a horror show

Illustration of someone looking into a crystal ball with malware in it

Another banner year for ransomware gangs despite takedowns by the cops

Ransomware attack at New York blood services provider – donors turned away during shortage crisis

Baguette bandits strike again with ransomware and a side of mockery

Security pros more confident about fending off ransomware, despite being battered by attacks

CDNs: Great for speeding up the internet, bad for location privacy

Ransomware scum make it personal for Reg readers by impersonating tech support

fed up uni students looking at failing laptop

Ransomware attack forces Brit high school to shut doors

The Angel of the North, Gateshead, is a steel sculpture by Antony Gormley which stands 66 feet high with a wing span of 177 feet.

Medusa ransomware group claims attack on UK's Gateshead Council

Enzo Biochem settles lawsuit over 2023 ransomware attack for $7.5M

UK floats ransomware payout ban for public sector

AWS Re:Invent in Las Vegas, December 2024

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

Europe coughs up €400 to punter after breaking its own GDPR data protection rules

Telemetry data from 800K VW Group EVs exposed online

Atos denies Space Bears' ransomware claims – with a 'but'

How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise

What do ransomware and Jesus have in common? A birth month and an unwillingness to die

Suspected LockBit dev, facing US extradition, 'did it for the money'

UK ICO not happy with Google's plans to allow device fingerprinting

Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility

Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat'