Ransomhub

EvilCorp & RansomHub Working Together to Attack Organizations Worldwide - The attack progression typically follows a pattern of initial SocGholish infection, deployment of the VIPERTUNNEL backdoor, lateral movement through the network, data exfiltration, and finally, RansomHub ransomware deployment. Microsoft first ...
2 weeks ago Cybersecuritynews.com Ransomhub LockBit

RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals - Unlike many competitors, RansomHub implemented a business model that directed ransom payments either directly to affiliates or split them at the point of transaction, significantly reducing the risk of “exit-scamming” – a common problem ...
1 week ago Cybersecuritynews.com Dragonforce Black Basta Ransomhub

Christie's confirms breach after RansomHub threatens to leak data - Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. Christie's is a prominent auction house with a history spanning 2.5 centuries. ...
10 months ago Bleepingcomputer.com Ransomhub

RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - With RansomHub actively exploiting zero-day vulnerabilities and recruiting displaced ALPHV/LockBit affiliates, organizations must strengthen endpoint security and ensure backup isolation to prevent potential attacks. RansomHub ransomware group ...
2 months ago Cybersecuritynews.com CVE-2024-3400 CVE-2021-42278 CVE-2020-1472 LockBit Ransomhub

RansomHub’s EDRKillShifter Link With Other Well-Established Ransomware Gang’s - New Research - In May 2024, RansomHub introduced EDRKillShifter, a custom endpoint detection and response killer designed to terminate security products by abusing vulnerable drivers, effectively blinding defensive systems before encryption begins. ESET researchers ...
3 weeks ago Cybersecuritynews.com BianLian Medusa Ransomhub LockBit

Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 year ago Wired.com Ransomhub

RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging - Cyfirma researchers noted a custom backdoor called “Betruger” being deployed in recent RansomHub operations, representing a significant evolution in ransomware tactics. Unlike some ransomware operations that rely heavily on publicly ...
1 week ago Cybersecuritynews.com Ransomhub

Change Healthcare Hit By Cyber Extortion Again - Change Healthcare, a subsidiary of UnitedHealth Group, has been facing renewed extortion from cybercriminals just a month after paying a ransom to prevent the release of data stolen in a February 2024 ransomware attack. The attack, orchestrated by ...
1 year ago Infosecurity-magazine.com Ransomhub

Cyberattack on telecom giant Frontier claimed by RansomHub - An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation. On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have ...
9 months ago Therecord.media Ransomhub

RansomHub ransomware uses new Betruger ‘multi-function’ backdoor - The malware's capabilities include a wide range of capabilities that overlap with features commonly found in malicious tools dropped before deploying ransomware payloads, including keylogging, network scanning, privilege escalation, credential ...
1 month ago Bleepingcomputer.com Ransomhub

The internet is already scary enough without April Fool's jokes - Thankfully in the security world, I think we've all gotten the hint at this point that we can't just post whatever we want on April 1 of each calendar year and expect people to get the joke. I've put my guard down so much at this point that I ...
1 year ago Blog.talosintelligence.com Hunters Ransomhub

SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware - Security experts recommend implementing robust web filtering solutions, keeping browsers updated, and training users to recognize fake update notifications as critical mitigation strategies against this evolving threat. The infection begins when ...
1 month ago Cybersecuritynews.com Ransomhub

YKP LTDAwww.ykp.com.br hit by Ransomhub Ransomware Gang - Actor: ransomhub ...
1 year ago Twitter.com Ransomhub

RansomHub Affiliate Deploying New Custom Backdoor Dubbed 'Betruger' For Persistence - RansomHub, as a RaaS provider, enables affiliates to leverage sophisticated tools like Betruger, potentially lowering the barrier to entry for conducting complex ransomware attacks. These include adaptive-based protections such as ACM.Ps-RgPst!g1 and ...
1 month ago Cybersecuritynews.com Ransomhub

Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
1 year ago Bleepingcomputer.com Ransomhub

Christie's Confirms Data Breach After Ransomware Group Claims Attack - Auction house Christie's has confirmed suffering a data breach after a ransomware group on Monday threatened to leak information stolen from the company. The cyberattack was launched just as the auction house was attempting to sell high-value items ...
10 months ago Packetstormsecurity.com Ransomhub

Christie disclosed a data breach after RansomHub attack - MUST READ. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach after the 2023 Cactus ransomware attack. City of Wichita disclosed a data breach after the recent ransomware attack. Australian Firstmac Limited ...
10 months ago Securityaffairs.com Cactus Ransomhub

Ransomhub - ...
1 year ago

Ascension suffers Cyber Attack - Ascension, a provider of services related to hospital care and senior living facilities, has released an official statement acknowledging a cyber-attack on its IT network. The exact nature of the incident has yet to be disclosed, but unofficial ...
11 months ago Cybersecurity-insiders.com Ransomhub

Cyber Security News Weekly Round-Up May - Mitigating risks promptly and securing critical assets against the latest attack vectors and cyber risks requires situational awareness in this dynamic threat landscape. Company managers are consequently advised to urgently scale up security measures ...
10 months ago Cybersecuritynews.com CVE-2024-36052 LockBit Ransomhub

Nearly 3 million affected by Sav-Rx data breach - Nearly three million people had sensitive information leaked during an October cyberattack on the prescriptions management company Sav-Rx. In filings to regulators last week and a notice on its website, the company said names, addresses, eligibility ...
10 months ago Therecord.media Ransomhub

Microsoft links North Korean hackers to new FakePenny ransomware - Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars in ransom demands. While this threat group's tactics, techniques, and procedures largely overlapped ...
10 months ago Bleepingcomputer.com Kimsuky Lazarus Group LockBit Ransomhub

BBC suffers data breach impacting current, former employees - The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. As per the reports, the incident ...
10 months ago Bleepingcomputer.com Ransomhub

Eurojust conducts operation to shut malware and ransomware spreading botnets - Eurojust, the European Union Agency for Criminal Justice, recently initiated a decisive strike against a notorious botnet network responsible for disseminating malware and ransomware across the digital realm. The crackdown led to the seizure of their ...
10 months ago Cybersecurity-insiders.com LockBit Ransomhub

Ticketmaster confirms data breach impacting 560 million customers - MUST READ. Ticketmaster confirms data breach impacting 560 million customers. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach ...
10 months ago Securityaffairs.com CVE-2020-3259 BianLian Cactus Ransomhub