-
Hunters International ransomware shuts down, releases free decryptors
The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom.
- July 03, 2025
- 06:53 AM
1
-
DragonForce expands ransomware model with white-label branding scheme
The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure.
- April 26, 2025
- 11:23 AM
0
-
How Black Rifle Coffee slashed offboarding from weeks to minutes
Manual IAM processes slow down IT and introduce risk.
In this webinar, see how Black Rifle Coffee leverages automation to reduce offboarding time from weeks to minutes, save 120 hours of analyst time, and strengthen their security posture - all without adding headcount.
-
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems.
- March 24, 2025
- 03:43 PM
- 0
-
RansomHub ransomware uses new Betruger ‘multi-function’ backdoor
Security researchers have linked a new backdoor dubbed Betruger, deployed in several recent ransomware attacks, to an affiliate of the RansomHub operation.
- March 20, 2025
- 12:31 PM
- 0
-
Linux version of new Cicada ransomware targets VMware ESXi servers
A new ransomware-as-a-service (RaaS) operation named Cicada3301 has already listed 19 victims on its extortion portal, as it quickly attacked companies worldwide.
- September 01, 2024
- 10:14 AM
- 0
-
New Eldorado ransomware targets Windows, VMware ESXi VMs
A new ransomware-as-a-service (RaaS) called Eldorado emerged in March and comes with locker variants for VMware ESXi and Windows.
- July 05, 2024
- 11:56 AM
- 3
-
Ransomware as a Service and the Strange Economics of the Dark Web
Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition is changing in 2024, and what might come next.
- March 27, 2024
- 10:02 AM
- 1
-
LockBit ransomware secretly building next-gen encryptor before takedown
LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely a future LockBit 4.0, when law enforcement took down the cybercriminal's infrastructure earlier this week.
- February 22, 2024
- 08:51 AM
- 0
-
Knight ransomware source code for sale after leak site shuts down
The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation.
- February 20, 2024
- 11:28 AM
- 0
-
Alpha ransomware linked to NetWalker operation dismantled in 2021
Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation.
- February 16, 2024
- 11:07 AM
- 0
-
Ransomware payments reached record $1.1 billion in 2023
Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen in 2022, marking the year as an exceptionally profitable period for ransomware gangs.
- February 07, 2024
- 09:00 AM
- 1
-
New Nevada Ransomware targets Windows and VMware ESXi systems
A relatively new ransomware operation known as Nevada seems to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems.
- February 01, 2023
- 02:26 PM
- 1
-
The Dark Web is Getting Darker - Ransomware Thrives on Illegal Markets
The dark web is getting darker as cybercrime gangs increasingly shop their malware, phishing, and ransomware tools on illegal cybercrime markets.
- December 14, 2022
- 10:33 AM
- 1
-
Microsoft: Exchange servers hacked to deploy BlackCat ransomware
Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities.
- June 13, 2022
- 01:14 PM
- 0
-
ALPHV BlackCat - This year's most sophisticated ransomware
The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.
- December 09, 2021
- 04:47 PM
- 0
-
Translated Conti ransomware playbook gives insight into attacks
Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation.
- September 02, 2021
- 05:10 PM
- 0
-
Australian govt warns of escalating LockBit ransomware attacks
The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.
- August 08, 2021
- 10:00 AM
- 2
-
Clop ransomware is back in business after recent arrests
The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again.
- June 23, 2021
- 03:35 AM
- 0
-
Paradise Ransomware source code released on a hacking forum
The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation.
- June 15, 2021
- 11:56 AM
- 7
-
DarkSide ransomware will now vet targets after pipeline cyberattack
The DarkSide ransomware gang posted a new "press release" today stating that they are apolitical and will vet all targets before they are attacked.
- May 10, 2021
- 11:40 AM
- 4
