Ransomware

GentleKiller targets more than 400 security processes across 48 products

cybercrime, Don't miss, Endpoint Security, ESET, Malware, News, Ransomware, research /

GentleKiller targets more than 400 security processes across 48 products 2026-06-18 at 12:00 By Anamarija Pogorelec Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) […]

GentleKiller targets more than 400 security processes across 48 products Read More »

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

DragonForce, Malware, Malware & Threats, Microsoft Teams, Ransomware /

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack 2026-06-17 at 13:38 By Ionut Arghire The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack Read More »

Cybercriminals mask malicious communications through Microsoft Teams relays

backdoor, cybercrime, Malware, Microsoft Teams, News, Ransomware /

Cybercriminals mask malicious communications through Microsoft Teams relays 2026-06-16 at 17:22 By Sinisa Markovic The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since 2023.

Cybercriminals mask malicious communications through Microsoft Teams relays Read More »

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Australia, disruptioin, ICS, Mackay Sugar, OT, Ransomware /

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer 2026-06-15 at 18:15 By Eduard Kovacs Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen. The post Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer appeared first on SecurityWeek. This article is an excerpt from

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer Read More »

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges

Conti, cybercrime, guilty, hacker, Ransomware /

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges 2026-06-15 at 14:33 By Ionut Arghire Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges Read More »

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

Check Point, exploited, Qilin, Ransomware, VPN, Vulnerabilities, Zero-Day /

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks 2026-06-09 at 13:39 By Ionut Arghire The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password. The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks Read More »

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

0-day, Check Point, data theft, Don't miss, enterprise, Hot stuff, News, Ransomware, secure access, VPN, vulnerability /

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) 2026-06-08 at 16:16 By Zeljka Zorz A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN enables and secures connections between

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) Read More »

Sophos uncovers AI-powered malware lab built for EDR evasion

AI, cybercrime, Malware, News, Ransomware, Sophos /

Sophos uncovers AI-powered malware lab built for EDR evasion 2026-06-02 at 15:47 By Sinisa Markovic A threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied to

Sophos uncovers AI-powered malware lab built for EDR evasion Read More »

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

alert, cybercrime, FBI, Ransomware, Silent Ransom Group, Tracking & Law Enforcement, USB /

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data 2026-05-27 at 11:46 By Ionut Arghire The FBI has issued an alert warning of Silent Ransom Group attacks targeting law firms. The post FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data appeared first on SecurityWeek. This article

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data Read More »

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

AI, BH Consulting, cybercrime, cybersecurity, data breach, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Ransomware /

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report 2026-05-25 at 08:59 By Help Net Security This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets published. There are

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report Read More »

Downtime has become a $600 billion business problem

AI, Incident Response, News, Ransomware, report, resilience, Risk Management, Splunk /

Downtime has become a $600 billion business problem 2026-05-22 at 11:53 By Anamarija Pogorelec The average cost of downtime has reached $600 billion for the Global 2000, a 50% increase in two years. According to Splunk’s The Hidden Costs of Downtime report, unplanned outages and service degradation cost each company an average of $300 million.

Downtime has become a $600 billion business problem Read More »

The new economics of fraud: Cheaper, faster, more convincing

AI, authentication, cybersecurity, fraud, News, Ransomware, report, scams, social engineering, Visa /

The new economics of fraud: Cheaper, faster, more convincing 2026-05-22 at 08:29 By Anamarija Pogorelec Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s Spring 2026 Biannual Threats Report. Criminals redirect efforts toward trust and third parties Fraud involves behavioral manipulation, fragmented

The new economics of fraud: Cheaper, faster, more convincing Read More »

Authorities dismantle First VPN, used by ransomware actors

cybercrime, cybercriminals, Eurojust, Europe, Europol, Hot stuff, law enforcement, News, Ransomware, VPN /

Authorities dismantle First VPN, used by ransomware actors 2026-05-21 at 17:12 By Anamarija Pogorelec First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust,

Authorities dismantle First VPN, used by ransomware actors Read More »

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector

AI, CISO, credentials, data breach, Don't miss, Hot stuff, News, phishing, Ransomware, report, social engineering, Verizon, vulnerability disclosure, vulnerability management /

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector 2026-05-20 at 17:16 By Zeljka Zorz Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector Read More »

When ransomware hits, confidence doesn’t restore endpoints

Absolute Security, boardroom, CISO, Endpoint Security, News, Ransomware, resilience, UK, USA /

When ransomware hits, confidence doesn’t restore endpoints 2026-05-18 at 07:03 By Anamarija Pogorelec Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute

When ransomware hits, confidence doesn’t restore endpoints Read More »

American Lending Center Data Breach Affects 123,000 Individuals

ALC, American Lending Center, data breach, Data Breaches, Ransomware /

American Lending Center Data Breach Affects 123,000 Individuals 2026-05-15 at 14:32 By Eduard Kovacs The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation. The post American Lending Center Data Breach Affects 123,000 Individuals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

American Lending Center Data Breach Affects 123,000 Individuals Read More »

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026

ANZ, Australia, darkweb, data breach, Ransomware, Threat Intelligence /

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026 2026-05-14 at 12:48 By Ashish Khaitan In 2026, opportunistic assaults and isolated breaches will no longer characterize Australia’s cyber risk environment. Industrialized data theft, in which stolen data is packaged, repackaged, and marketed on

Why Australian Dark Web Data Is Now Being Sold in Bundles — and What It Means for Organizational Exposure in 2026 Read More »

Over 70% of organizations hit by identity breaches

credentials, cybersecurity, identity management, News, Non Human Identities, Ransomware, report, Sophos /

Over 70% of organizations hit by identity breaches 2026-05-14 at 07:30 By Anamarija Pogorelec Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach?

Over 70% of organizations hit by identity breaches Read More »

Foxconn Confirms North American Factories Hit by Cyberattack

data breach, Data Breaches, Foxconn, Ransomware /

Foxconn Confirms North American Factories Hit by Cyberattack 2026-05-14 at 01:32 By Eduard Kovacs The Nitrogen ransomware group claims to have hacked the company’s systems, stealing 8TB of data, including confidential documents. The post Foxconn Confirms North American Factories Hit by Cyberattack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Foxconn Confirms North American Factories Hit by Cyberattack Read More »

Scroll to Top