Bill Toulas reports: Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as “Carbanak.” When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection…
Search Results for: ransomware
LockBit repeats ‘PR stunt’ as Thales ransomware investigation claims no breach
Rory Bathgate reports: An investigation by Thales has found no evidence that the LockBit ransomware organistion successfully attacked its systems, following threats by the group to post stolen company data on hacker forums. On Tuesday, the French multinational publicly stated that it had seen posts on the dark web by ransomware group LockBit 3.0, claiming to have stolen data…
Ransomware cost US banks $1.2 billion last year
Dan Robinson reports: Banks in the US paid out nearly $1.2 billion in 2021 as a result of ransomware attacks, a marked rise over the year before though it may simply be due to more financial institutions being asked to report incidents. The figures come from the most recent Financial Trend Analysis report [PDF] on ransomware from…
World leaders make fresh vows to fight global ransomware threat
Martin Matishak reports: A coalition of government cybersecurity leaders from nearly 40 countries on Tuesday reaffirmed to work together to stamp out ransomware attacks, launching several new efforts meant to better combat the rising global threat. “We commit to work together to prioritize disruption targets to leverage the breadth of authorities and tools available to…
After CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk
Samantha Liss reports: As CommonSpirit Health, formed by the merger of Dignity Health and Catholic Health Initiatives in 2019, continues to deal with the fallout from a ransomware attack three weeks ago, security experts say such tie-ups and acquistions make healthcare systems more vulnerable to security breaches. M&A in healthcare “creates a huge risk” and a…
Microsoft links Raspberry Robin worm to Clop ransomware attacks
Sergiu Gatlan reports: Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. DEV-0950 malicious activity overlaps with financially motivated cybercrime groups tracked as FIN11 and TA505, known for deploying Clop payloads ransomware on targets’ systems. Read more at BleepingComputer