The LockBit ransomware group on Tuesday published 1.5 terabytes of data the group says it stole from Bank Syariah Indonesia after ransom negotiations broke down. The group says the records include information of about 15 million customers and employees of the country's largest Islamic bank.
In the days between May 11 and May 18, the Uranium Finance hacker laundered more stolen funds, LayerZero launched a $15 million bug bounty program, the European Union adopted comprehensive cryptocurrency legislation, and Ledger faced backlash on its seed phrase recovery solution.
In this week's data breach roundup: the Philadelphia Inquirer, Swiss multinational ABB, French electronics manufacturer Lacroix, the U.S. Department of Transportation employee data and more. Dallas is still recovering from a ransomware attack and researchers infiltrated a ransomware group.
Fifteen months after Russia intensified its illegal invasion of Ukraine, experts say top cyber defense lessons policymakers and defenders should apply include focusing on resilience. Building for resilience acknowledges the inevitability of ongoing attacks.
The BianLian ransomware group is abandoning malicious encryption in favor of pure extortion, warns the U.S. top cybersecurity agency. A major likely factor in BianLian's shift was cybersecurity firm Avast's January release of a free decryptor.
Data443 has bought Cyren's threat intelligence, URL categorization and email security technology out of bankruptcy for up to $3.5 million. Buying Cyren's anti-spam, virus outbreak detection, IP reputation, URL filtering and Threat InDepth data feeds will boost Data443's existing product portfolio.
Ukraine's top cybersecurity agency says Russian hackers took a sudden interest in obtaining personal data and mounted successful attacks against more than one-third of the country's largest insurers. It predicts the stolen data may end up for sale on the dark web.
The Royal ransomware group, which spun off from Conti in early 2022, is refining its downloader malware using tactics and techniques that appear to draw directly from other post-Conti groups, as well as working closely with trusted former associates of Conti, REvil and Hive, researchers say.
Security researchers say a new Babuk knockoff ransomware group emerged in April and has already claimed targets in the United States and South Korea. Threat intelligence company Cisco Talos says RA Group is the latest criminal group to take advantage of the June 2021 leak of Babuk source code.
U.S. federal prosecutors announced a slew of indictments and arrests in cases involving attempts by foreign nationals to illegally export technology into Russia, China and Iran. The arrests are part of a recently announced Disruptive Technology Strike Force.
An Illinois man pleaded guilty Monday to eight criminal counts stemming from the three years he spent leading a conspiracy to sell stolen financial information on darknet markets. The man, Michael D. Mihalo, 40, founded a darknet carding site known as Skynet Market.
A Russian man the U.S. government says was a key actor in Russian ransomware hacking faces federal criminal charges and economic sanctions. A $10 million reward is out for information leading to his arrest. Mikhail Matveev, aka "Wazawaka," was a key figure in the Babuk ransomware-as-a-service gang.
A threat actor is using a custom-made backdoor to target organizations operating in South and Southeast Asia. Sectors at immediate risk include government, aviation, education and telecommunications. The Lancefly ATP group uses custom-written malware that Symantec's Threat Hunter Team calls Merdoor.
Fallout from the March hack of Capita and accompanying data breach continues to mount. While the outsourcing giant initially reported no signs of data exfiltration, multiple customers - including Britain's largest pension fund and potentially hundreds more - now say personal data is indeed at risk.
Institutional pharmacy PharMerica says personal data of nearly 6 million current and deceased patients was caught up in a March hacking incident. The Money Message ransomware group claims to be the attacker, posting on its dark web leak site multiple spreadsheets the group says contain patient data.