X-Industry

Recent investigations by the Mexican military revealed that cybercriminals tied to the Cártel Jalisco Nueva Generación (CJNG) have attempted to infiltrate the networks of security agencies, including the Secretariat of Security and Citizen Protection, the National Intelligence Center, and state-run oil company Petróleos Mexicanos (Pemex).

Military sources familiar with the matter told local outlet Milenio that the Jalisco Cartel is recruiting young tech experts to breach the computer systems of

Note: this Recorded Future Ransomware Tracker is updated on the second Sunday of each month to stay current.  The number of victims posted on ransomware extortion sites increased in May, with ransomware gangs publicly claiming more than 400 attacks in a month for the second time this year. 

The uptick was fueled in large part by the Russia-linked LockBit ransomware group, which posted 74 victims to its extortion site in May.  The group has become far and away the most active ransomware gang, wit

The US Marshals Service (USMS) is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations.  The cyberattack was considered a "major incident" by officials, impacting a "stand-alone" system (meaning it is not connected to a larger federal network) within the service, an agency spokesperson said Monday.  The attack was discovere

A few years ago, while visiting old friends in a major metropolitan midwestern city where I grew up, I had the chance to meet an old friend who was working part-time as an IT consultant for a city suburb.  This city had its own network and a municipal level court system network.  He told me they were hit three times in the recent past by hackers.  I asked if any law enforcement agency investigated it and his answer was, “no, we back-up our data every evening and just recovered the following day.

Our friends at The Record shared some concerning news for the US.  More than 200 local governments, schools and hospitals in the US were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.

The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.  These figures are based only on public

Poor results reflect that (87%) of US defense contractors are failing to meet basic cybersecurity regulation requirements, according to research commissioned by CyberSheath. The survey of 300 US-based Department of Defense (DoD) contractors found that just 13% of respondents have a Supplier Risk Performance System (SPRS) score of 70 or above. Under the Defense Federal Acquisition Regulation Supplement (DFARS), a score of 110 is required for full compliance.  So, a school grade of “C”, a score of

A spokesman from the United States said on 07 April 2022 that it had secretly removed malware from computer networks around the world in recent weeks, a step to pre-empt Russian cyberattacks and send a message to President Vladimir V. Putin of Russia.  The actions, made public by Attorney General Merrick B. Garland, comes as U.S. officials warn that Russia could try to strike American critical infrastructure including financial firms, pipelines and the electric grid in response to the sanctions

Wall Street, especially the insurance markets, is very concerned about the cyber security risks that state and local governments are facing, including a cascade of ransomware attacks targeting a public sector which is still struggling with how to manage more and more on-line services during the never ending COVID-19 pandemic. 

“The landscape is changing quite rapidly right now, from the cybersecurity insurance and the threat landscape side, which leaves local governments in the middle dealing wi

Ransomware actors have been preying on small governments, because it is an easy payday.  Small governments have limited cyber threat resources and the demand of their citizens to bring back vital services (immediately).  City leaders want to get their services back in operation and running quickly, as voters have long memories.  Because it is cheaper than going completely offline, city and county governments often pay the ransom, especially if insurance companies pay the demanded amount or honor