Ransomware

Legit tools, illicit uses: Velociraptor, Nezha turned against victims

APT, attack tools, Cisco, Don't miss, Hot stuff, Huntress, News, open source, Ransomware, Sophos /

Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has […]

React to this headline:

Loading spinner

Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »

Ransomware Group Claims Attack on Beer Giant Asahi

Asahi, data breach, Data Breaches, Qilin, Ransomware /

Ransomware Group Claims Attack on Beer Giant Asahi 2025-10-08 at 13:22 By Ionut Arghire The hackers claim the theft of 27 gigabytes of data, including contracts, employee information, and financial documents. The post Ransomware Group Claims Attack on Beer Giant Asahi appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ransomware Group Claims Attack on Beer Giant Asahi Read More »

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks

exploited, Fortra, GoAnywhere, Ransomware, Vulnerabilities, vulnerability, Zero-Day /

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks 2025-10-07 at 12:40 By Ionut Arghire The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released. The post Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks Read More »

Beer Giant Asahi Says Data Stolen in Ransomware Attack

Asahi, data breach, Data Breaches, Ransomware /

Beer Giant Asahi Says Data Stolen in Ransomware Attack 2025-10-06 at 11:41 By Ionut Arghire The brewing giant has reverted to manual order processing and shipment as operations at its Japanese subsidiaries are disrupted. The post Beer Giant Asahi Says Data Stolen in Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Beer Giant Asahi Says Data Stolen in Ransomware Attack Read More »

766,000 Impacted by Data Breach at Dealership Software Provider Motility

data breach, Data Breaches, Motility, Pear, Ransomware /

766,000 Impacted by Data Breach at Dealership Software Provider Motility 2025-10-02 at 14:53 By Ionut Arghire The hackers stole names, contact details, Social Security numbers, and driver’s license numbers in an August 19 ransomware attack. The post 766,000 Impacted by Data Breach at Dealership Software Provider Motility appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

766,000 Impacted by Data Breach at Dealership Software Provider Motility Read More »

Google Drive for desktop will spot, stop and remedy ransomware damage

cloud storage, Don't miss, Encryption, Google, Google Drive, Hot stuff, macOS, News, Ransomware, Windows /

Google Drive for desktop will spot, stop and remedy ransomware damage 2025-10-01 at 16:33 By Zeljka Zorz Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant

React to this headline:

Loading spinner

Google Drive for desktop will spot, stop and remedy ransomware damage Read More »

Akira ransomware: From SonicWall VPN login to encryption in under four hours

Arctic Wolf Networks, credentials, Don't miss, enterprise, Hot stuff, MFA, News, Ransomware, SMBs, SonicWall, vulnerability /

Akira ransomware: From SonicWall VPN login to encryption in under four hours 2025-09-29 at 18:47 By Zeljka Zorz Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have warned. Armed with SonicWall SSL VPN credentials stolen in earlier

React to this headline:

Loading spinner

Akira ransomware: From SonicWall VPN login to encryption in under four hours Read More »

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues

Akira, Ransomware, SonicWall /

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues 2025-09-29 at 13:12 By Ionut Arghire In one attack, the hackers leveraged the Datto RMM utility on a domain controller and various other legitimate tools to evade detection. The post Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues Read More »

Ransomware groups are multiplying, raising the stakes for defenders

cybercrime, cybersecurity, Malware, News, Ransomware, report, Searchlight Cyber /

Ransomware groups are multiplying, raising the stakes for defenders 2025-09-26 at 09:08 By Sinisa Markovic Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber shows how quickly the threat landscape is shifting and why CISOs need

React to this headline:

Loading spinner

Ransomware groups are multiplying, raising the stakes for defenders Read More »

RTX Confirms Airport Services Hit by Ransomware

airport, Collins Aerospace, Ransomware, RTX /

RTX Confirms Airport Services Hit by Ransomware 2025-09-25 at 16:11 By Eduard Kovacs The aerospace and defense giant has disclosed the cyberattack in a filing with the SEC. The post RTX Confirms Airport Services Hit by Ransomware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

RTX Confirms Airport Services Hit by Ransomware Read More »

Volvo Group Employee Data Stolen in Ransomware Attack

data breach, Data Breaches, Ransomware /

Volvo Group Employee Data Stolen in Ransomware Attack 2025-09-25 at 13:22 By Ionut Arghire The Miljödata data breach has impacted numerous organizations, education institutions, and Swedish municipalities. The post Volvo Group Employee Data Stolen in Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Volvo Group Employee Data Stolen in Ransomware Attack Read More »

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

arrested, Collins Aerospace, Featured, hacker, HardBit, Ransomware /

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested 2025-09-24 at 15:17 By Eduard Kovacs Cybersecurity researchers believe the attack on Collins Aerospace involved a piece of ransomware known as HardBit. The post European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested Read More »

SonicWall adds rootkit removal capabilities to the SMA 100 series

Don't miss, firmware, Google, Hot stuff, Mandiant, News, Ransomware, rootkits, security update, SonicWall /

SonicWall adds rootkit removal capabilities to the SMA 100 series 2025-09-23 at 16:24 By Zeljka Zorz SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The

React to this headline:

Loading spinner

SonicWall adds rootkit removal capabilities to the SMA 100 series Read More »

European Airport Disruptions Caused by Ransomware Attack

aiport, Collins Aerospace, cyberattack, disruption, Europe, Featured, Ransomware /

European Airport Disruptions Caused by Ransomware Attack 2025-09-22 at 15:34 By Eduard Kovacs Collins Aerospace is reportedly having difficulties recovering from the ransomware attack. The post European Airport Disruptions Caused by Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

European Airport Disruptions Caused by Ransomware Attack Read More »

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard 

data breach, Data Breaches, healthcare, Medical Associates of Brevard, Ransomware /

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard  2025-09-18 at 13:10 By Eduard Kovacs The BianLian ransomware group took credit for the cyberattack on the healthcare organization in January 2025.  The post Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard  Read More »

Insight Partners Confirms Data Breach Result of Ransomware Attack

data breach, Data Breaches, Featured, Insight Partners, Ransomware /

Insight Partners Confirms Data Breach Result of Ransomware Attack 2025-09-18 at 11:10 By Eduard Kovacs Venture capital firm Insight Partners says the data breach disclosed in February 2025 impacts over 12,000 people. The post Insight Partners Confirms Data Breach Result of Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Insight Partners Confirms Data Breach Result of Ransomware Attack Read More »

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents

credentials, Don't miss, Endpoint Security, enterprise, Hot stuff, Huntress, News, Ransomware, Rapid7, SMBs, SonicWall /

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents 2025-09-16 at 15:46 By Zeljka Zorz All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident responders have had a

React to this headline:

Loading spinner

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents Read More »

West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach

credit union, data breach, Data Breaches, Fairmont Federal Credit Union, Ransomware /

West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach 2025-09-15 at 12:46 By Ionut Arghire Two years after the fact, Fairmont Federal Credit Union tells customers their personal, financial, and medical information was compromised. The post West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach appeared first on SecurityWeek.

React to this headline:

Loading spinner

West Virginia Credit Union Notifying 187,000 People Impacted by 2023 Data Breach Read More »

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

bootkit, Don't miss, ESET, Hot stuff, News, Ransomware /

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot 2025-09-12 at 19:00 By Help Net Security ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. The sample was uploaded from

React to this headline:

Loading spinner

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot Read More »

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls

ACSC, Australia, Don't miss, Hot stuff, News, Ransomware, Rapid7, SonicWall, vulnerability /

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls 2025-09-11 at 18:25 By Zeljka Zorz Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates of the Akira

React to this headline:

Loading spinner

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls Read More »

Scroll to Top