Asokan is senior correspondent for Information Security Media Group's global news desk. She has previously worked with IDG and other publications where she reported on developments in technology, minority-rights and education.
The University of Hertfordshire has sustained a cyber incident that severely affected students' online classes and an assignment submission portal. The university, however, notes the incident did not lead to data theft.
The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.
A previously unknown threat group is deploying Hades ransomware as part of an ongoing campaign that has already targeted three U.S. companies, Accenture's cyberthreat intelligence group reports.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
There has been a spike in web shells being detected as ransomware gangs and other attackers increasingly target vulnerable on-premises Microsoft Exchange servers following publication of proof-of-concept attack code for ProxyLogon, which is one of four zero-day flaws patched by Microsoft in early March.
The Pysa ransomware strain is increasingly targeting educational institutions in the U.S. and U.K., the FBI warns in a new flash alert. The hackers may threaten to leak exfiltrated data if a ransom is not paid.
Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon flaw in on-premises Microsoft Exchange servers.
The Russian hacker group RTM is deploying a new ransomware variant dubbed "Quoter" along with a banking Trojan as part of an extortion campaign, according to the security firm Kaspersky.
The Lazarus Group, a North Korean hacking operation also known as Hidden Cobra, is deploying TFlower ransomware, using its MATA malware framework, security firm Sygnia reports.
A new malware loader dubbed "Gootloader" is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.
The cryptocurrency company Tether has refused to pay a ransom of 500 bitcoins ($24 million) after hackers threatened to leak sensitive data if the company failed to pay.
Finnish IT giant TietoEVRY announced Tuesday that ransomware crippled its infrastructure, forcing it to take down affected systems to contain the spread of the malware.
Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security. Researchers had warned the malware might surface again after a coordinated takedown of the botnet's infrastructure in 2020.
U.S. and Bulgarian authorities have seized servers and disrupted the infrastructure and darknet websites of the Netwalker ransomware gang. Police have also arrested one person and confiscated ransom money collected by the cybercriminal gang. The news comes the same week the Emotet botnet was disrupted.
Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay. Experts predict gangs will double down on whatever works, which lately includes data exfiltration.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.