Blog

750,000 Patients' Medical Records Exposed After Data Breach at French Hospital

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses... what is less often considered is the exposure of our private medical information. A French hospital has found itself in the unenviable position of learning that hackers have gained access to the medical records of over 750,000 patients following a...

ShrinkLocker Ransomware: What You Need To Know

What is ShrinkLocker? ShrinkLocker is a family of ransomware that encrypts an organisation's data and demands a ransom payment in order to restore access to their files. It was first identified by security researchers in May 2024, after attacks were observed in Mexico, Indonesia, and Jordan. So far, so normal. What makes it noteworthy? The ShrinkLocker ransomware is unusual because it uses VBScript...

Winter Fuel Payment Scam Targets UK Citizens Via SMS

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. In July, the UK's new Labour Government announced that it was limiting who was eligible for assistance with their winter fuel bills by making eligibility means-tested. The controversial decision appears to have...

Fraudsters Exploit US General Election Fever, FBI Warns

As the United States of America enters the final days of the race for the White House, the FBI has warned that fraudsters are using the presidential election campaign to scam citizens out of their savings and personal data. According to a public service announcement published by the Internet Crime Complaint Center (IC3), scammers who have previously exploited state and local elections are targeting...

NotLockBit: Ransomware Discovery Serves As Wake-Up Call For Mac Users

Historically, Mac users haven't had to worry about malware as much as their Windows-using cousins. Although malware targeting Apple devices actually predates viruses written for PCs, and there have been some families of malware that have presented a significant threat for both operating systems (for instance, the Word macro viruses that hit computers hard from 1995 onwards), it is generally the...

Glimmer Of Good News On The Ransomware Front As Encryption Rates Plummet

No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a sliver of encouraging news amongst the gloom. And boy do we need some good news - amid reports that 389 US-based healthcare institutions were hit by ransomware last year - more than one every single day. The 114-page Microsoft Digital Defense Report (MMDR) looks at...

Tick Tock.. Operation Cronos Arrests More LockBit Ransomware Gang Suspects

International law enforcement agencies have scored another victory against the LockBit gang, with a series of arrests and the seizure of servers used within the notorious ransomware group's infrastructure. As Europol has detailed in a press release, international authorities have continued to work on "Operation Cronos", and have now arrested four people, seized servers, and implemented sanctions...

CISA Warns of Hackers Targeting Industrial Systems with "Unsophisticated Methods" Amid Lebanon Water Hack Claims

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that malicious hackers continue to be capable of compromising industrial control systems (ICS) and other operational technology (OT) using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly. In an advisory posted on CISA's website yesterday, the agency said that internet...

Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data

A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site's so-called "Wall of shame" links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper...

WordPress Plugin and Theme Developers Told They Must Use 2FA

Developers of plugins and themes for WordPress.org have been told they are required to enable two-factor authentication (2FA) from October 1st. The move is intended to enhance security, helping prevent hackers from gaining access to accounts through which malicious code could be injected into code used by millions of websites running the self-hosted version of WordPress. The threat posed by supply...

Cicada Ransomware - What You Need To Know

What is the Cicada ransomware? Cicada (also known as Cicada3301) is sophisticated ransomware written in Rust that has claimed more than 20 victims since its discovery in June 2024. Why is the ransomware called Cicada? The criminals behind Cicada appear to have named it after the mysterious Cicada 3301 puzzles posted on the internet between 2012 and 2014, seemingly to recruit highly intelligent...

2.5 Million Reward Offered For Cyber Criminal Linked To Notorious Angler Exploit Kit

Who doesn't fancy earning US $2.5 million? That's the reward that's on offer from the US Department of State and Secret Service for information leading to the arrest and/or conviction of a Belarusian man who allegedly was a key figure behind the development and distribution of the notorious Angler Exploit Kit. 38-year-old Vladimir Kadariya is charged with a range of cybercrime offences which saw...

Ransomware Kingpin Who Called Himself "J P Morgan" Extradited to the United States

An investigation dating back almost ten years has seen the extradition this week to the United States of a man suspected to be the head of one of the world's most prolific Russian-speaking cybercriminal gangs. The UK's National Crime Agency (NCA) says it has been investigating a cybercriminal using the online handle "J P Morgan" since 2015, alongside parallel investigations run by the United States...

Over $40 Million Recovered and Arrests Made Within Days After Firm Discovers Business Email Compromise Scam

According to the FBI, billions of dollars have been lost through Business Email Compromise (BEC) attacks in recent years, so you may well think that there is little in the way of good news. However, it has been revealed this week that police managed to recover more than US $40 million snatched in a recent BEC heist just two days after being told about it. As Interpol describes, police were contacted...

$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers

The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what is believed to be the largest known ransom payment made by a cyber attack victim since records began. Researchers at Zscaler claim in a new report that the record-breaking figure was paid by an undisclosed Fortune 50 company to the Dark Angels ransomware group. The reported payment almost doubles the...

SEXi / APT Inc Ransomware - What You Need To Know

SEXi? Seriously? What are you talking about this time? Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024. Excuse me for not knowing, but what is VMware ESXi? ESXi is a hypervisor - allowing businesses who...

HardBit Ransomware - What You Need To Know

What's happened? A new strain of the HardBit ransomware has emerged in the wild. It contains a protection mechanism in an attempt to prevent analysis from security researchers. HardBit? I think I've heard of that before. Quite possibly. HardBit first emerged in late 2022, and quickly made a name for itself as it attempted to extort ransom payments from corporations whose data it had encrypted. That...

RansomHub Ransomware - What You Need To Know

What's RansomHub? Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. It operates a ransomware-as-a-service (RaaS) operation, meaning that a central core of the group creates and maintains the ransomware code and infrastructure, and rents it out to other cybercriminals who act as affiliates. How has RansomHub become such...

Volcano Demon Ransomware Group Rings Its Victims To Extort Money

What's happening? Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. So what's different this time? Whereas many ransomware attacks see a company's data exfiltrated by attackers, and the threat made that stolen data will be sold to other cybercriminals or released to the public, the...

Better Resilience Sees More Extorted Companies Refuse To Pay Their Ransomware Attackers

There's some possibly good news on the ransomware front. Companies are becoming more resilient to attacks, and the ransom payments extorted from businesses by hackers are on a downward trend. That's one of the findings of insurance broker Marsh, which conducted an analysis of the more than 1800 cyber claims it received during 2023 from its clients in the United States and Canada. According to Marsh,...