The U.S. Justice Department reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 ransomware attack. The DOJ's Ransomware and Digital Extortion Task Force coordinated the effort, in which the FBI tracked payment to a bitcoin wallet it controls.
The recent decision by a Massachusetts-based hospital to pay a ransom in exchange for promises by the attackers to destroy stolen data spotlights the difficult choices many healthcare entities face in the wake of cyberattacks.
Researchers believe that a malware variant that specifically targets poorly protected or misconfigured Windows containers has been uncovered for the first time, according to a report published by Palo Alto Networks' Unit 42. A successful attack establishes a backdoor and persistence.
U.S. Justice Department prosecutors have charged a 55-year-old Latvian woman with helping to develop code for the Trickbot gang as well as stealing banking credentials and deploying ransomware, according to a federal indictment. Alla Witte faces more than 30 years in prison if convicted.
A district court in Kazakhstan sentenced two unidentified Cobalt, aka Carbanak, gang members to serve eight years in prison on robbery and attempted robbery charges. The gang members are believed to have been involved in cashing out operations, according to Group-IB.
If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand? So goes an apparent move by Evil Corp to disguise its WastedLocker ransomware as rival gang Babuk's PayloadBin, so any ransom payers won't think they're violating U.S. sanctions.
In response to a string of high-profile and damaging ransomware attacks that took place over the past several months, the Biden administration sent an open letter to U.S. business leaders asking them to take the proper steps to protect their organizations from ransomware.
Election security improvements, the push for all software to ship with a "bill of materials" and the results of a long-running investigation into a lucrative digital advertising scam are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
The latest edition of the ISMG Security Report details the ongoing wave of ransomware attacks, including the disruption of JBS, the world's largest supplier of meat. Also featured are police busting criminals who formerly used the EncroChat communications network and the strategies for filling the cyber skills gap.
Scripps Health this week began notifying more than 147,000 individuals that their financial and health information was contained in documents stolen by attackers who deployed ransomware on the healthcare organization's network in May.
Japanese conglomerate Fujifilm has shut down part of its network after it was compromised in a suspected ransomware attack, the company said in an update on Wednesday. The attack is the latest in a series of ransomware incidents targeting multinational companies.
The FBI has attributed the ransomware attack against meat processing giant JBS to the REvil - aka Sodinokibi - ransomware-as-a-service operation. Security experts say the operation, which dates from 2019, appears to be run from Russia, and has been hitting increasingly large targets.
Three new ransomware groups - Prometheus, Grief and an unidentified group using Payload.bin - have separately threatened to release or have already put on sale stolen data from government and private entities.