Latest Tech News

Known. Emerging. Unstoppable? Ransomware Attacks Still Evade Defenses

No, it's not new or particularly exotic, but after years of attacks, ransomware continues to rank among the most destructive threats facing global organizations today. Even with security teams pouring significant resources into prevention and detection efforts, attackers are still finding ways to bypass their defenses. Double extortion has become the default approach, with groups encrypting systems and stealing sensitive data for leverage. Some actors are now skipping the encryption step entir

Panama Ministry of Economy discloses breach claimed by INC ransomware

Panama's Ministry of Economy and Finance (MEF) has disclosed that one of its computers may have been compromised in a cyberattack. The government noted that it activated the security procedures for these situations, stating that the incident has been contained and didn't impact core systems that are vital to its operations. "The Ministry of Economy and Finance informs the public that today an incident involving possible malicious software was detected on one of the Ministry's workstations," M

US charges admin of LockerGoga, MegaCortex, Nefilim ransomware

The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. Also known online as deadforz, Boba, msfv, and farnetwork, Tymoshchuk was involved in ransomware attacks that led to the breach of hundreds of companies, resulting in millions of dollars in damages, according to a superseding indictment unsealed today. Between July 2019 and June 2020, Tymoshchuk and hi

Lovesac confirms data breach after ransomware attack claims

American furniture brand Lovesac is warning that it suffered a data breach impacting an undisclosed number of individuals, stating their personal data was exposed in a cybersecurity incident. Lovesac is a furniture designer, manufacturer, and retailer, operating 267 showrooms across the United States, and having annual net sales of $750 million. They are best known for their modular couch systems called 'sactionals,' as well as their bean bags called 'sacs.' According to the notices sent to i

Pennsylvania AG Office says ransomware attack behind recent outage

The Office of the Pennsylvania Attorney General announced that a ransomware attack is behind the ongoing two-week service outage. In an official statement, Attorney General David W. Sunday Jr. said that the office refused to pay the attackers. “The interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations. No payment has been made,” explained AG Sunday. “An active investigation is ongoing with other agencies, which limits

Malware devs abuse Anthropic’s Claude AI to build ransomware

Anthropic's Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. The company says that its tool has also been used in fraudulent North Korean IT worker schemes and to distribute lures for Contagious Interview campaigns, in Chinese APT campaigns, and by a Russian-speaking developer to create malware with advanced evasion capabilities. AI-created ransomware: In another instance, tracked as ‘GTG-5004,’ a UK-b

MATLAB dev says ransomware gang stole data of 10,000 people

MathWorks, a leading developer of mathematical simulation and computing software, revealed that a ransomware gang stole the data of over 10,000 people after breaching its network in April. The company disclosed the attack on May 27, when it linked ongoing service outages to a ransomware incident that disrupted access to some internal systems and online applications for its staff and customers. Impacted services included multi-factor authentication (MFA), account SSO (Single Sign-On), the MathW

Storm-0501 hackers shift to ransomware attacks in the cloud

Microsoft warns that a threat actor tracked as Storm-0501 has evolved its operations, shifting away from encrypting devices with ransomware to focusing on cloud-based encryption, data theft, and extortion. The hackers now abuse native cloud features to exfiltrate data, wipe backups, and destroy storage accounts, thereby applying pressure and extorting victims without deploying traditional ransomware encryption tools. Storm-0501 is a threat actor who has been active since at least 2021, deployi

The Era of AI-Generated Ransomware Has Arrived

As cybercrime surges around the world, new research increasingly shows that ransomware is evolving as a result of widely available generative AI tools. In some cases, attackers are using AI to draft more intimidating and coercive ransom notes and conduct more effective extortion attacks. But cybercriminals’ use of generative AI is rapidly becoming more sophisticated. Researchers from the generative AI company Anthropic today revealed that attackers are leaning on generative AI more heavily—somet

Colt confirms customer data stolen as Warlock ransomware auctions files

UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as the Warlock ransomware gang auctions files. The British telecommunications and network services provider previously disclosed it suffered an attack on August 12, but this is the first time they confirmed data had been stolen. "A criminal group has accessed certain files from our systems that may contain information related to our customers and posted the document titles on the dark web,"

Europol confirms $50,000 Qilin ransomware reward is fake

Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. "We were also surprised to see this story gaining traction," Europol told BleepingComputer on Monday. "The announcement didn't come from us." The statement comes after a new Telegram channel called @europolcti was created on August 16th, claiming to of

U.S. seizes $2.8 million in crypto from Zeppelin ransomware operator

The U.S. Department of Justice (DoJ) announced the seizure of more than $2.8 million in cryptocurrency from suspected ransomware operator Ianis Aleksandrovich Antropenko. Antropenko, indicted in Texas for computer fraud and money laundering, was linked to Zeppelin ransomware, a now-defunct extortion operation that ran between 2019 and 2022. Apart from the digital asset seizure, the authorities also confiscated $70,000 in cash and a luxury vehicle. “Antropenko used Zeppelin ransomware to targe

When Theft Replaces Encryption: Blue Report 2025 on Ransomware & Infostealers

Ransomware and infostealer threats are evolving faster than most organizations can adapt. While security teams have invested heavily in ransomware resilience, particularly through backup and recovery systems, Picus Security's Blue Report 2025 shows that today's most damaging attacks aren't always about encryption. Instead, both ransomware operators and infostealer campaigns often focus on credential theft, data exfiltration, and lateral movement, leveraging old-school stealth and persistence to

Crypto24 ransomware hits large orgs with custom EDR evasion tool

The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files. The threat group's earliest activity was reported on BleepingComputer forums in September 2024, though it never reached notable levels of notoriety. According to Trend Micro researchers tracking Crypto24's operations, the hackers have hit several large organizations in the United States, Europe, and Asia, focusing on high-value targets in the finan

US govt seizes $1 million in crypto from BlackSuit ransomware gang

The U.S. Department of Justice (DoJ) seized cryptocurrency and digital assets worth $1,091,453 at the time of confiscation, on January 9, 2024, from the BlackSuit ransomware gang. The authorities tracked the crypto as the cybercriminals moved it repeatedly across virtual currency exchange accounts, depositing and withdrawing it to obfuscate the trace. Eventually, the amount was frozen when it reached a cooperating exchange. The action was made possible thanks to evidence collected by the U.S.

Manpower discloses data breach affecting nearly 145,000 people

Manpower, one of the world's largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company's systems in December 2024. Together with Experis and Talent Solutions, the company is part of ManpowerGroup, a multinational corporation with over 600,000 workers in more than 2,700 offices and serving over 100,000 clients worldwide. Last year, ManpowerGroup reported revenues of $17.9 billion and a total gross profit of $3.1 bi

Saint Paul cyberattack linked to Interlock ransomware gang

The mayor of Saint Paul, Minnesota's capital city, has confirmed that the Interlock ransomware gang is responsible for a cyberattack that disrupted many of the city's systems and services in July. On July 29th, Minnesota Governor Tim Walz activated the National Guard in response to the crippling cyberattack that had affected St. Paul's digital services and critical systems. The city requested Minnesota National Guard's cyber protection support due to the cyberattack's impact exceeding St. Paul

Royal and BlackSuit ransomware gangs hit over 450 US companies

The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before being taken down last month. Homeland Security Investigations (HSI), DHS's main investigative arm, which took down the group's infrastructure in cooperation with international law enforcement partners, added that the cybercriminals also collected over $370 million from their victims. "Since 2022, the Royal and BlackSuit rans

Akira ransomware abuses CPU tuning tool to disable Microsoft Defender

Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks and evade security tools and EDRs running on target machines. The abused driver is 'rwdrv.sys' (used by ThrottleStop), which the threat actors register as a service to gain kernel-level access. This driver is likely used to load a second driver, 'hlpdrv.sys,' a malicious tool that manipulates Windows Defender to turn off its protections. This is a 'Bring Your Own Vulnerable Driver' (BYOVD) at

The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025

Summer 2025 wasn't just hot; it was relentless. Ransomware hammered hospitals, retail giants suffered data breaches, insurance firms were hit by phishing, and nation-state actors launched disruptive campaigns. From stealthy PowerShell loaders to zero-day SharePoint exploits, attackers kept defenders on their heels. This report breaks down the season's most high-impact incidents and what security teams need to do before the next wave hits. Summer Expose Healthcare's Growing Ransomware Risk H

Ransomware gangs join attacks targeting Microsoft SharePoint servers

Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. Security researchers at Palo Alto Networks' Unit 42 have discovered a 4L4MD4R ransomware variant, based on open-source Mauri870 code, while analyzing incidents involving this SharePoint exploit chain (dubbed "ToolShell"). The ransomware was detected on July 27 after discove

Authorities seize BlackSuit ransomware gang’s servers

German prosecutors say a joint U.S.-European operation has seized infrastructure belonging to the BlackSuit ransomware gang, a notorious hacking group blamed for several major cyberattacks in recent years. In a new statement this week, officials in Germany said they had seized the gang’s servers and systems as part of an operation on July 24. The officials said the operation had secured “considerable amounts of data” that will be used to help identify the individuals responsible for the attacks

SafePay ransomware threatens to leak 3.5TB of Ingram Micro data

The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company's compromised systems earlier this month. Ingram Micro is one of the world's largest business-to-business service providers and technology distributors, offering a wide range of solutions to resellers and managed service providers worldwide, including hardware, software, cloud services, logistics, and training. While BleepingComputer first reported on July 5 th

FBI seizes $2.4M in Bitcoin from new Chaos ransomware operation

FBI Dallas has seized approximately 20 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies. The crypto was seized on April 15, 2025, and was traced to an affiliate named "Hors," who is suspected of launching the attacks against the companies. "The seized funds were traced to a cryptocurrency address allegedly associated with a member of the Chaos ransomware group, known as 'Hors,' who has been

What was the first ransomware attack to demand payment in Bitcoin?

Correct Answer: CryptoLocker (2013). In the world of cybersecurity, ransomware is a well-known menace, but its evolution into the era of cryptocurrencies marked a major turning point. The first ransomware attack to demand payment specifically in Bitcoin was CryptoLocker, which emerged in September 2013. CryptoLocker was a g

BlackSuit ransomware extortion sites seized in Operation Checkmate

Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. The U.S. Department of Justice confirmed the takedown in an email earlier today, saying the authorities involved in the action executed a court-authorized seizure of the BlackSuit domains. Earlier today, the websites on the BlackSuit .onion domains were replaced with seizure banners announ

BlackSuit ransomware leak sites seized in Operation Checkmate

Law enforcement has seized the dark web leak sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. The U.S. Department of Justice confirmed the takedown in an email earlier today, saying the authorities involved in the action executed a court-authorized seizure of the BlackSuit domains. Earlier today, the websites on the BlackSuit .onion domains were replaced with seizure banners announcing

Microsoft: SharePoint flaws exploited in Warlock ransomware attacks

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. "Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft is currently unable to co

New UK law would ban ransomware payments by publicly funded orgs

The British government has announced plans to move forward with a law that would bar public organizations from paying off ransomware attackers. The proposed legislation would add schools, town councils, National Health Service (NHS) hospitals and critical infrastructure managers to a ban which already applies to the national government. The logic behind banning payments is simple. If cybercriminals know a ransomware attack against a UK school or hospital won't get them paid, they'll look somewh