BlackLock ransomware onslaught: What to expect and how to fight it

BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum… Continue reading BlackLock ransomware onslaught: What to expect and how to fight it

Ransomware payments plummet as more victims refuse to pay

Chainalysis’ latest report on how the ransomware landscape changed from 2023 to 2024 shows a promising trend: An increasing number of victims refuses to pay the ransom. The total volume of ransom payments decreased year-over-year by approximately… Continue reading Ransomware payments plummet as more victims refuse to pay

Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities

A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 million from the protocols’ investors. The fraudulent scheme According to court … Continue reading Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities

Let’s Secure Insurance failed to secure their own data storage. Now they have a breach.

Kumar Hemant reports: Let’s Secure Insurance Brokers Pvt Ltd., a prominent Indian insurance brokerage firm, has reportedly fallen victim to ransomware. The perpetrators, identified as the Kill Security (alias KillSec) group, claim to have gained unauth… Continue reading Let’s Secure Insurance failed to secure their own data storage. Now they have a breach.

North Korean IT workers are extorting employers, FBI warns

The FBI is on a mission to raise awareness about the threat that North Korean IT workers present to organizations in the US and around the world. While corporate espionage comes to mind first, the threat goes beyond that: “In recent months, in ad… Continue reading North Korean IT workers are extorting employers, FBI warns

The U.K. is considering prohibiting ransom payments. It’s a difficult issue.

How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation… Continue reading The U.K. is considering prohibiting ransom payments. It’s a difficult issue.

Attackers are encrypting AWS S3 data without using ransomware

A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used. They do not e… Continue reading Attackers are encrypting AWS S3 data without using ransomware

8Base hacked port operating company Luka Rijeka

Luka Rijeka, a company that offers maritime transport, port, storage of goods and forwarding services in Rijeka, Croatia, has been hacked by the 8Base ransomware group. According to HackManac, the group claimed the attack on their dark web data leak si… Continue reading 8Base hacked port operating company Luka Rijeka

Private US companies targeted by Stonefly APT

Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About Stonefly Also known as Andariel and OnyxFleet, Stonefly … Continue reading Private US companies targeted by Stonefly APT