#ransomware
Information security
from ComputerWeekly.com
9 hours ago

The Gentlemen emerging as key ransomware player | Computer Weekly

The Gentlemen ransomware gang is rapidly evolving into a RaaS operation using advanced encryption and affiliate proxy malware to scale extortion attacks across platforms.
#cybercrime
Privacy professionals
from theregister
23 hours ago

MyPillow must decide whether to be firm or soft as ransomware crims demand pay

Play ransomware extortionists listed MyPillow as an alleged victim and threatened to leak stolen confidential data unless a ransom was paid.
Privacy technologies
from Ars Technica
4 days ago

Police boast of hacking VPN where criminals "believed themselves to be safe"

Law enforcement infiltrated a criminal VPN, seized its domains, identified thousands of users, and arrested its administrator.
Privacy technologies
from The Hacker News
4 days ago

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

A coordinated international operation dismantled First VPN, a criminal VPN used to hide ransomware and data theft activity by seizing servers and infrastructure across multiple countries.
Information security
from SecurityWeek
5 days ago

'First VPN' Cybercrime Service Disrupted, Administrator Arrested

Law enforcement disrupted First VPN, a cybercrime service used for ransomware and intrusions, dismantling servers, arresting an alleged administrator, and notifying 506 users.
Privacy technologies
from Techzine Global
5 days ago

Police take First VPN offline after five-year investigation

First VPN, used by ransomware groups, was taken offline through Dutch-French Europol action, leading to server shutdowns, administrator arrest, and identification of thousands of users.
Privacy professionals
from TechCrunch
5 days ago

Law enforcement shuts down VPN service used by two dozen ransomware gangs | TechCrunch

First VPN was taken down by an international law enforcement coalition after arrests, revealing widespread use by ransomware gangs and other cybercriminal activity.
Information security
from TechRepublic
5 days ago

New Verizon Report Reveals the Security Gap Attackers Are Exploiting Most

Vulnerability exploitation, AI-enabled attacks, third-party risk, and ransomware are driving breaches, while human error remains a major factor.
Information security
from TechRepublic
6 days ago

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Fox Tempest abused Azure Artifact Signing to generate fraudulent code-signing certificates, enabling malware and ransomware to appear trusted and evade defenses.
Information security
from Securitymagazine
6 days ago

Strategies, Expert Insights from the 2026 Verizon DBIR

Software vulnerabilities became the leading access method, mobile attacks rose, and generative AI is accelerating exploitation and expanding breach patterns.
Information security
from The Hacker News
1 week ago

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft disrupted a malware-signing-as-a-service operation using Artifact Signing, seizing infrastructure and blocking access to stop ransomware and other attacks.
#code-signing-abuse
Information security
from theregister
1 week ago

Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware

Microsoft seized websites and took down a code-signing certificate service used to make ransomware and malware appear legitimate, infecting thousands of US machines including Microsoft-owned systems.
Information security
from Nextgov.com
1 week ago

Microsoft disrupts cybercrime service offering malware disguised as legitimate software

Fox Tempest abused Microsoft code-signing tools to sell malware-signing services, leading to widespread ransomware and malicious attacks across multiple sectors and countries.
#data-breach
Information security
from Securitymagazine
1 week ago

123,000 Impacted by American Lending Center's Year-Old Breach

A banking and finance data breach involved ransomware, with possible access to sensitive personal information affecting over 123,000 individuals.
Information security
from www.theguardian.com
1 week ago

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

Instructure reached an agreement with ransomware attackers after student data theft, login page defacement, and assignment delays, with experts suspecting ransom payment.
Privacy professionals
from SecurityWeek
1 week ago

American Lending Center Data Breach Affects 123,000 Individuals

A California non-bank lender reported a ransomware breach affecting 123,000 people, with potential theft of personal identifiers, and found no evidence of misuse.
Privacy professionals
from ComputerWeekly.com
2 weeks ago

ICO fines Cl0p victim South Staffs Water over data breach | Computer Weekly

South Staffordshire Water and its parent received a reduced £964,900 ICO fine after improvements following a Cl0p ransomware attack that exposed data of 600,000 people.
Information security
from SecurityWeek
2 weeks ago

Ransomware Group Takes Credit for Trellix Hack

RansomHouse claimed responsibility for a Trellix breach involving leaked access to internal services and dashboards, while Trellix reported no evidence of source code exploitation.
Information security
from WIRED
2 weeks ago

The Canvas Hack Is a New Kind of Ransomware Debacle

Canvas was placed in maintenance mode after a breach and extortion attempt, disrupting school operations nationwide and exposing user data at affected institutions.
Information security
from The Hacker News
1 week ago

Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Exploited vulnerabilities in trusted systems enable key leakage, cloud access, and production incidents, so patching quiet risks first reduces fast-moving attack impact.
#cybersecurity
Information security
from Business Matters
2 weeks ago

Stryker hack shows cyber intelligence is more important than ever

A major medical device company’s devices were wiped after an Iran-linked ransomware attack, showing cyber threats can strike anytime and require urgent security priorities.
Education
from www.theguardian.com
2 weeks ago

Canvas platform strikes deal with hackers to delete students' stolen data

Instructure reached an agreement with hackers to delete stolen Canvas data, returned it, and received shred-log confirmation, though complete certainty remains impossible.
Information security
from SecurityWeek
2 weeks ago

Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform

Instructure reached an agreement with hackers to delete stolen Canvas data, returned it, and received shred-log confirmation, while acknowledging complete certainty is impossible.
from WIRED
1 week ago
Information security

Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording

Stolen iPhones enable phishing targeting contacts, while cyberattacks, drone experiments, maritime blockades, and insider sabotage expand security risks.
Information security
from Securitymagazine
1 week ago

Foxconn Confirms Cyberattack, Security Experts Discuss

A Foxconn cyberattack disrupted North American facilities and involved alleged theft of 8TB of hardware and network data, creating long-term supply-chain and product-security risks.
#cyberattack
Information security
from SecurityWeek
2 weeks ago

Foxconn Confirms North American Factories Hit by Cyberattack

Foxconn confirmed North American factories were hit by a cyberattack, with affected sites resuming normal production after response measures were activated.
Tech industry
from TechCrunch
2 weeks ago

Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia | TechCrunch

A ransomware attack hit Foxconn facilities in North America, with affected factories resuming normal production while Nitrogen claimed theft of over 11 million files.
Information security
from Techzine Global
2 weeks ago

Foxconn attackers allegedly obtained Apple and Nvidia data

Foxconn confirmed a North American ransomware attack, with Nitrogen claiming theft of confidential data and Foxconn restarting affected factories.
Information security
from theregister
2 weeks ago

Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files

A ransomware attack hit Foxconn’s North American operations, disrupting some factories but enabling resumption of normal production after response measures.
Higher education
from www.bbc.com
2 weeks ago

International cyber attack disrupts swathe of universities and schools

A ShinyHunters cyberattack disrupted Canvas across thousands of schools, forcing exam postponements and leaving some users unable to access coursework.
Information security
from Ars Technica
2 weeks ago

Chaos erupts as cyberattack disrupts learning platform Canvas amid finals

A cyberattack disrupted Canvas during final exams, exposing personal data, prompting schools to postpone or reschedule exams, and restoring the platform after investigation.
Information security
from WIRED
2 weeks ago

Foxconn Ransomware Attack Shows Nothing Is Safe Forever

Nitrogen claims it stole 8 TB of Foxconn data and extorts the electronics manufacturer, which reported cyberattacks and resuming production at affected North American factories.
#malware
Information security
from SecurityWeek
2 weeks ago

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 uses a free OnlyFans lure to deliver stealthy malware that steals cryptocurrency, exfiltrates data, and deploys ransomware via persistence and C2 control.
Information security
from The Hacker News
1 month ago

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

The Gentlemen ransomware group uses SystemBC malware to target over 1,570 victims, employing sophisticated tactics for initial access and lateral movement.
Information security
from The Verge
2 weeks ago

Canvas owner reaches 'agreement' with hackers to secure stolen data

Instructure reached an agreement with hackers after a Canvas breach, claiming stolen data was returned and customers will not be extorted.
Information security
from Search Storage
2 weeks ago

Attackers targeting storage infrastructure for remote work | TechTarget

Threat actors increasingly target storage infrastructure to access valuable data, disable backups, steal credentials, and spread ransomware impact efficiently.
Privacy professionals
from theregister
2 weeks ago

Water company's leaky security earns near-1M fine

Cl0p ransomware went undetected for nearly two years due to weak access controls, insufficient monitoring, unsupported systems, and poor vulnerability management.
from The Washington Post
2 weeks ago

Canvas hack exposes schools' vulnerability to cyberattacks

Instructure, the company that operates Canvas, had been warned. Earlier this month, a message was sent, according to Ransomware.live: "This is a final warning to reach out by 6 May 2026 before we leak along with several annoying (digital) problems that'll come your way. Make the right decision, don't be the next headline," and "FINAL WARNING PAY OR LEAK."
US news
from The Cipher Brief
2 weeks ago

Corporate Cybersecurity Is the New Frontline of National Security

The battlefield is corporate, the targeting is consequential, and the effects are systemic. Ransomware campaigns now disrupt healthcare systems at scale, producing effects once associated with geopolitical bombing campaigns without crossing a border. Nation-state actors maintain persistent access inside critical infrastructure not to destroy, but to position.
Information security
#muddywater
Information security
from The Hacker News
3 weeks ago

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

MuddyWater, an Iranian hacking group, executed a ransomware attack using social engineering techniques, disguising it as opportunistic extortion.
#cpanel
Information security
from TechCrunch
3 weeks ago

Hackers are still exploiting the cPanel bug to gain control of thousands of websites | TechCrunch

Hackers are actively exploiting a critical vulnerability in cPanel and WHM, affecting over 550,000 servers and leading to numerous compromises.
from Techzine Global
4 weeks ago

Stolen patient data from Dutch firm ChipSoft destroyed after cyberattack

ChipSoft confirmed that all data stolen in the ransomware attack has been destroyed in a technically sound manner, although the specifics of this process remain undisclosed.
Privacy professionals
Information security
from Theregister
4 weeks ago

Don't pay VECT a ransom - your big files are likely gone

Organizations affected by Trivy and LiteLLM compromises that paid Vect likely received little data recovery, according to Check Point Research.
Information security
from Ars Technica
1 month ago

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.
Information security
from IT Brew
1 month ago

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.
Information security
from Theregister
1 month ago

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.