Ransomware - Security Ticks

Microsoft revokes 200 certs used to sign malicious Teams installers

certificates, Don't miss, Hot stuff, Microsoft, Microsoft Teams, News, Ransomware / SecurityTicks

Microsoft revokes 200 certs used to sign malicious Teams installers 2025-10-17 at 15:59 By Zeljka Zorz By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In this campaign, Vanilla Tempest used fake MSTeamsSetup.exe files hosted on […]

Microsoft revokes 200 certs used to sign malicious Teams installers Read More »

Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign

certificates, disrupted, Microsoft, Ransomware, Rhysida, Vanilla Tempest, Vice Society / SecurityTicks

Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign 2025-10-16 at 17:45 By Eduard Kovacs The tech giant attributed the attacks to Vanilla Tempest, also known as Vice Spider and Vice Society. The post Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign Read More »

HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device

Data Protection, Ransomware / SecurityTicks

HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device 2025-10-14 at 19:52 By Kevin Townsend Investors are placing bets on a hardware-based approach to data security in a market dominated by software solutions for ransomware resilience. The post HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device appeared first on SecurityWeek. This article is an

HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device Read More »

SimonMed Imaging Data Breach Impacts 1.2 Million

data breach, Data Breaches, healthcare, Ransomware, SimonMed / SecurityTicks

SimonMed Imaging Data Breach Impacts 1.2 Million 2025-10-13 at 16:03 By Eduard Kovacs SimonMed Imaging was targeted by the Medusa ransomware group, which claimed to have stolen 200 Gb of data. The post SimonMed Imaging Data Breach Impacts 1.2 Million appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SimonMed Imaging Data Breach Impacts 1.2 Million Read More »

Legit tools, illicit uses: Velociraptor, Nezha turned against victims

APT, attack tools, Cisco, Don't miss, Hot stuff, Huntress, News, open source, Ransomware, Sophos / SecurityTicks

Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has

Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »

Ransomware Group Claims Attack on Beer Giant Asahi

Asahi, data breach, Data Breaches, Qilin, Ransomware / SecurityTicks

Ransomware Group Claims Attack on Beer Giant Asahi 2025-10-08 at 13:22 By Ionut Arghire The hackers claim the theft of 27 gigabytes of data, including contracts, employee information, and financial documents. The post Ransomware Group Claims Attack on Beer Giant Asahi appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ransomware Group Claims Attack on Beer Giant Asahi Read More »

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks

exploited, Fortra, GoAnywhere, Ransomware, Vulnerabilities, vulnerability, Zero-Day / SecurityTicks

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks 2025-10-07 at 12:40 By Ionut Arghire The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released. The post Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks Read More »

Beer Giant Asahi Says Data Stolen in Ransomware Attack

Asahi, data breach, Data Breaches, Ransomware / SecurityTicks

Beer Giant Asahi Says Data Stolen in Ransomware Attack 2025-10-06 at 11:41 By Ionut Arghire The brewing giant has reverted to manual order processing and shipment as operations at its Japanese subsidiaries are disrupted. The post Beer Giant Asahi Says Data Stolen in Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from

Beer Giant Asahi Says Data Stolen in Ransomware Attack Read More »

766,000 Impacted by Data Breach at Dealership Software Provider Motility

data breach, Data Breaches, Motility, Pear, Ransomware / SecurityTicks

766,000 Impacted by Data Breach at Dealership Software Provider Motility 2025-10-02 at 14:53 By Ionut Arghire The hackers stole names, contact details, Social Security numbers, and driver’s license numbers in an August 19 ransomware attack. The post 766,000 Impacted by Data Breach at Dealership Software Provider Motility appeared first on SecurityWeek. This article is an

766,000 Impacted by Data Breach at Dealership Software Provider Motility Read More »

Google Drive for desktop will spot, stop and remedy ransomware damage

cloud storage, Don't miss, Encryption, Google, Google Drive, Hot stuff, macOS, News, Ransomware, Windows / SecurityTicks

Google Drive for desktop will spot, stop and remedy ransomware damage 2025-10-01 at 16:33 By Zeljka Zorz Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant

Google Drive for desktop will spot, stop and remedy ransomware damage Read More »

Akira ransomware: From SonicWall VPN login to encryption in under four hours

Arctic Wolf Networks, credentials, Don't miss, enterprise, Hot stuff, MFA, News, Ransomware, SMBs, SonicWall, vulnerability / SecurityTicks

Akira ransomware: From SonicWall VPN login to encryption in under four hours 2025-09-29 at 18:47 By Zeljka Zorz Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have warned. Armed with SonicWall SSL VPN credentials stolen in earlier

Akira ransomware: From SonicWall VPN login to encryption in under four hours Read More »

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues

Akira, Ransomware, SonicWall / SecurityTicks

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues 2025-09-29 at 13:12 By Ionut Arghire In one attack, the hackers leveraged the Datto RMM utility on a domain controller and various other legitimate tools to evade detection. The post Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Akira Ransomware’s Exploitation of SonicWall Vulnerability Continues Read More »

Ransomware groups are multiplying, raising the stakes for defenders

cybercrime, cybersecurity, Malware, News, Ransomware, report, Searchlight Cyber / SecurityTicks

Ransomware groups are multiplying, raising the stakes for defenders 2025-09-26 at 09:08 By Sinisa Markovic Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber shows how quickly the threat landscape is shifting and why CISOs need

Ransomware groups are multiplying, raising the stakes for defenders Read More »

RTX Confirms Airport Services Hit by Ransomware

airport, Collins Aerospace, Ransomware, RTX / SecurityTicks

RTX Confirms Airport Services Hit by Ransomware 2025-09-25 at 16:11 By Eduard Kovacs The aerospace and defense giant has disclosed the cyberattack in a filing with the SEC. The post RTX Confirms Airport Services Hit by Ransomware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

RTX Confirms Airport Services Hit by Ransomware Read More »

Volvo Group Employee Data Stolen in Ransomware Attack

data breach, Data Breaches, Ransomware / SecurityTicks

Volvo Group Employee Data Stolen in Ransomware Attack 2025-09-25 at 13:22 By Ionut Arghire The Miljödata data breach has impacted numerous organizations, education institutions, and Swedish municipalities. The post Volvo Group Employee Data Stolen in Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Volvo Group Employee Data Stolen in Ransomware Attack Read More »

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

arrested, Collins Aerospace, Featured, hacker, HardBit, Ransomware / SecurityTicks

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested 2025-09-24 at 15:17 By Eduard Kovacs Cybersecurity researchers believe the attack on Collins Aerospace involved a piece of ransomware known as HardBit. The post European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested Read More »

SonicWall adds rootkit removal capabilities to the SMA 100 series

Don't miss, firmware, Google, Hot stuff, Mandiant, News, Ransomware, rootkits, security update, SonicWall / SecurityTicks

SonicWall adds rootkit removal capabilities to the SMA 100 series 2025-09-23 at 16:24 By Zeljka Zorz SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The

SonicWall adds rootkit removal capabilities to the SMA 100 series Read More »

European Airport Disruptions Caused by Ransomware Attack

aiport, Collins Aerospace, cyberattack, disruption, Europe, Featured, Ransomware / SecurityTicks

European Airport Disruptions Caused by Ransomware Attack 2025-09-22 at 15:34 By Eduard Kovacs Collins Aerospace is reportedly having difficulties recovering from the ransomware attack. The post European Airport Disruptions Caused by Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

European Airport Disruptions Caused by Ransomware Attack Read More »

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard

data breach, Data Breaches, healthcare, Medical Associates of Brevard, Ransomware / SecurityTicks

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard 2025-09-18 at 13:10 By Eduard Kovacs The BianLian ransomware group took credit for the cyberattack on the healthcare organization in January 2025. The post Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard appeared first on SecurityWeek. This article is an excerpt

Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard Read More »

Insight Partners Confirms Data Breach Result of Ransomware Attack

data breach, Data Breaches, Featured, Insight Partners, Ransomware / SecurityTicks

Insight Partners Confirms Data Breach Result of Ransomware Attack 2025-09-18 at 11:10 By Eduard Kovacs Venture capital firm Insight Partners says the data breach disclosed in February 2025 impacts over 12,000 people. The post Insight Partners Confirms Data Breach Result of Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Insight Partners Confirms Data Breach Result of Ransomware Attack Read More »