Ransomhub



Publication date: Tue, 13 Feb 2024 06:41:31 +0000


Cyber News related to Ransomhub

EvilCorp & RansomHub Working Together to Attack Organizations Worldwide - The attack progression typically follows a pattern of initial SocGholish infection, deployment of the VIPERTUNNEL backdoor, lateral movement through the network, data exfiltration, and finally, RansomHub ransomware deployment. Microsoft first ...
2 months ago Cybersecuritynews.com Ransomhub LockBit
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals - Unlike many competitors, RansomHub implemented a business model that directed ransom payments either directly to affiliates or split them at the point of transaction, significantly reducing the risk of “exit-scamming” – a common problem ...
2 months ago Cybersecuritynews.com Dragonforce Black Basta Ransomhub
Christie's confirms breach after RansomHub threatens to leak data - Christie's confirmed that it suffered a security incident earlier this month after the RansomHub extortion gang claimed responsibility and threatened to leak stolen data. Christie's is a prominent auction house with a history spanning 2.5 centuries. ...
1 year ago Bleepingcomputer.com Ransomhub
RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - With RansomHub actively exploiting zero-day vulnerabilities and recruiting displaced ALPHV/LockBit affiliates, organizations must strengthen endpoint security and ensure backup isolation to prevent potential attacks. RansomHub ransomware group ...
3 months ago Cybersecuritynews.com CVE-2024-3400 CVE-2021-42278 CVE-2020-1472 LockBit Ransomhub
RansomHub’s EDRKillShifter Link With Other Well-Established Ransomware Gang’s - New Research - In May 2024, RansomHub introduced EDRKillShifter, a custom endpoint detection and response killer designed to terminate security products by abusing vulnerable drivers, effectively blinding defensive systems before encryption begins. ESET researchers ...
2 months ago Cybersecuritynews.com BianLian Medusa Ransomhub LockBit
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 year ago Wired.com Ransomhub
RansomHub Ransomware Group Compromised 84 Organization, New Groups Emerging - Cyfirma researchers noted a custom backdoor called “Betruger” being deployed in recent RansomHub operations, representing a significant evolution in ransomware tactics. Unlike some ransomware operations that rely heavily on publicly ...
2 months ago Cybersecuritynews.com Ransomhub
Change Healthcare Hit By Cyber Extortion Again - Change Healthcare, a subsidiary of UnitedHealth Group, has been facing renewed extortion from cybercriminals just a month after paying a ransom to prevent the release of data stolen in a February 2024 ransomware attack. The attack, orchestrated by ...
1 year ago Infosecurity-magazine.com Ransomhub
Cyberattack on telecom giant Frontier claimed by RansomHub - An April cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining steam as a cybercriminal operation. On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have ...
11 months ago Therecord.media Ransomhub
RansomHub ransomware uses new Betruger ‘multi-function’ backdoor - The malware's capabilities include a wide range of capabilities that overlap with features commonly found in malicious tools dropped before deploying ransomware payloads, including keylogging, network scanning, privilege escalation, credential ...
2 months ago Bleepingcomputer.com Ransomhub
The internet is already scary enough without April Fool's jokes - Thankfully in the security world, I think we've all gotten the hint at this point that we can't just post whatever we want on April 1 of each calendar year and expect people to get the joke. I've put my guard down so much at this point that I ...
1 year ago Blog.talosintelligence.com Hunters Ransomhub
SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware - Security experts recommend implementing robust web filtering solutions, keeping browsers updated, and training users to recognize fake update notifications as critical mitigation strategies against this evolving threat. The infection begins when ...
2 months ago Cybersecuritynews.com Ransomhub
RansomHub Ransomware Deploying Malware to Compromise Corporate Networks - The downloaded “Update.zip” contains “Update.js,” a JScript file that sends a POST request to the SocGholish C2 server at “hxxps://exclusive.nobogoods[.]com/updateStatus” to retrieve the next stage of the attack. ...
1 month ago Cybersecuritynews.com Ransomhub
RansomHub Affiliate Deploying New Custom Backdoor Dubbed 'Betruger' For Persistence - RansomHub, as a RaaS provider, enables affiliates to leverage sophisticated tools like Betruger, potentially lowering the barrier to entry for conducting complex ransomware attacks. These include adaptive-based protections such as ACM.Ps-RgPst!g1 and ...
2 months ago Cybersecuritynews.com Ransomhub
Threat Actors Increasingly Utilize Ransomware as a Service Boosted by EDR Killers - ESET researchers discovered instances where a single threat actor possessed multiple EDRKillShifter variants linked to various ransomware groups including BianLian, RansomHub, Medusa, and Play, indicating skilled affiliates simultaneously working ...
1 month ago Cybersecuritynews.com Medusa LockBit BianLian Ransomhub
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
1 year ago Bleepingcomputer.com Ransomhub
Christie's Confirms Data Breach After Ransomware Group Claims Attack - Auction house Christie's has confirmed suffering a data breach after a ransomware group on Monday threatened to leak information stolen from the company. The cyberattack was launched just as the auction house was attempting to sell high-value items ...
1 year ago Packetstormsecurity.com Ransomhub
Christie disclosed a data breach after RansomHub attack - MUST READ. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach after the 2023 Cactus ransomware attack. City of Wichita disclosed a data breach after the recent ransomware attack. Australian Firstmac Limited ...
1 year ago Securityaffairs.com Cactus Ransomhub
Top Ransomware Actors Actively Attacking Financial Sector, 406 Incidents Publicly Disclosed - Several of the documented incidents involved manipulation of legitimate administrative tools like BgInfo and Sysinternals utilities to establish persistence without triggering security alerts, a technique Flashpoint researchers have attributed ...
1 month ago Cybersecuritynews.com Lazarus Group Scattered Spider Ransomhub LockBit Akira
Artificial Intelligence Fuels New Wave of Complex Cyber Attacks Challenging Defenders - The O’Reilly 2024 State of Security Survey found 33% of enterprises lack staff capable of countering AI-driven threats, particularly in detecting adversarial machine learning patterns and securing generative AI deployments. While AI-driven threat ...
1 month ago Cybersecuritynews.com Ransomhub
Ascension suffers Cyber Attack - Ascension, a provider of services related to hospital care and senior living facilities, has released an official statement acknowledging a cyber-attack on its IT network. The exact nature of the incident has yet to be disclosed, but unofficial ...
1 year ago Cybersecurity-insiders.com Ransomhub
Cyber Security News Weekly Round-Up May - Mitigating risks promptly and securing critical assets against the latest attack vectors and cyber risks requires situational awareness in this dynamic threat landscape. Company managers are consequently advised to urgently scale up security measures ...
1 year ago Cybersecuritynews.com CVE-2024-36052 LockBit Ransomhub
Nearly 3 million affected by Sav-Rx data breach - Nearly three million people had sensitive information leaked during an October cyberattack on the prescriptions management company Sav-Rx. In filings to regulators last week and a notice on its website, the company said names, addresses, eligibility ...
1 year ago Therecord.media Ransomhub