X-Industry

Broadcom researchers recently reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company,” reads the report published by Broadcom.

During the late 2024 attack, the attacker d

The New York Blood Center (NYBC) said it suffered a ransomware attack that disrupted operations and forced it to reschedule some operations.  NYBC is one of the largest independent blood collection and distribution organizations.  It collects about 4,000 units of blood products daily and serves more than 75 million people at over 200 hospitals across the Northeast and 500 nationwide.  The cyber incident occurred while the blood center was already facing a critical shortage due to a decline in th

Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working. But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to prot

An electric utility serving multiple counties in Mississippi was attacked by cybercriminals last summer in an incident that exposed information of more than 20,000 residents.  The Yazoo Valley Electric Power Association initially warned customers through social media on 26 August 2024 that, due to software problems, they were unable to process payments.  The system was restored by 30 August.

In breach notification letters filed with regulators last week, the utility confirmed it discovered “susp

The previous six months have seen heightened activity regarding new and emerging ransomware operations. Across the tail end of 2024 and into 2025, researchers have seen the rise of groups such as FunkSec, Nitrogen,, and Termite. In addition, we have seen the return of Cl0p and a new version of LockBit (aka LockBit 4.0).

Within this period of accelerated activity, the Ransomware-as-a-Service offerings HellCat and Morpheus have gained additional momentum and notoriety. Operators behind HellCat, in

Cyberattacks targeting healthcare organizations are rising, and the financial and operational toll they take is growing. A recent report from Proofpoint found that 92% of healthcare organizations reported experiencing a cyberattack in 2024, up from 88% in 2023, while the average cost of the most expensive attack was $4.7 million. While safeguarding sensitive patient data remains a top concern, malicious actors leverage artificial intelligence (AI) and machine learning technologies to make threat

Businesses in the UK are set to be protected by a new ransomware ban to address the threat of cybercrime, which is estimated to cost the UK economy billions of pounds every year.   The proposed legislation follows a series of serious ransomware attacks on the National Health Service (NHS), the British Library and the Royal Mail, that have caused severe disruption and cost millions in recovery costs.   The intention is to make public sector and infrastructure organizations less appealing as targe

Cybersecurity researchers have reported that artificial intelligence (AI) assisted with ransomware called FunkSec, which entered the market in late 2024 and claimed more than 85 victims. "The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms," Check Point Research said in a new report from The Hacker News. "Notably, FunkSec demanded unusually low ransoms, sometimes as little as $10,000, and sold stolen data to third parties at reduc

In the 1970s and 1980s, Casio was best known for its electronic (including scientific) calculators, electronic musical instruments, and affordable digital watches incorporating innovative technology. All the cool kids had a Casio calculator (unfortunately, I was taught on a slide rule). Well, Casio is still around. Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. The affected individuals are primarily

Businesses are more likely to face a costly cyber-crime attack than a robbery or fire this year as hackers continue to employ devious social-engineering skills to lure unsuspecting victims.  This reality has been highlighted in several reports by global cybersecurity experts who have analyzed cybercrimes, such as ransomware (where hackers encrypt and steal data), smishing (SMS link scams) and phishing (email link/attachment scams) in recent years and have warned that Artificial Intelligence (AI)

Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most attributed to Chinese state-backed hackers. This represents double the daily average from 2023, which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report. “Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” t

Ransomware gang, Brain Cipher, has begun leaking sensitive data stolen from Rhode Island’s RIBridges social services platform earlier in December 2024.  The integrated system, which managed healthcare, social services, and food assistance programs, served some 650,000 citizens including minors, before being taken offline. Exposed information was confirmed by Governor McKee to contain names, addresses, birthdates, social security numbers, and banking details.  Screenshots also suggest that the st

A superseding criminal complaint filed in the US District of New Jersey was unsealed on 30 December 2024, charging a dual Russian and Israeli national for being a developer of the LockBit ransomware group. In August 2024, Rostislav Panev, 51, a dual Russian and Israeli national, was arrested in Israel under a US provisional arrest request to extradition to the United States. Panev is currently in custody in Israel pending extradition on the charges in the superseding complaint. [1]

See: https://

Krispy Kreme has acknowledged that the December 2024 disruption to its online ordering system resulted from a cyber attack.  Krispy Kreme operates four bakeries known as “Doughnut Factories,” 1,521 retail shops, and over 15,000 delivery locations in the United States.  It also partnered with McDonald’s to avail its crispy doughnuts to the restaurant chain’s customers across the country.  “We’re experiencing certain operational disruptions due to a cybersecurity incident, including with online or

Cyberattacks utilizing generative artificial intelligence (GenAI) technology as a tool are expected to grow next year, a government report reported recently.  In 2025, hacking groups are expected to increasingly use various generative AI models, such as ChatGPT, to create spear phishing emails customized to their attack subjects and fake news materials to be used for political propaganda, according to the annual cybersecurity report issued by the Ministry of Science and ICT.  “It will be difficu

BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. “We identified an attempt to compromise our BT Conferencing platform. This incident was restricted to specific elements of the platform, which were rapidly taken offline and isolated,”

FortiGuard Labs gathers data on ransomware variants of interest that are gaining traction within its datasets and the OSINT community. The report below provides brief insights into the evolving ransomware landscape.

Interlock Ransomware Overview - Interlock is a new ransomware variant that was first publicly discovered in an available file-scanning site in early October 2024. This could indicate that the ransomware emerged as early as September. The Interlock ransomware comes in Windows and Free

A ransomware attack on supply chain software firm Blue Yonder in turn hit a dozen big names in food and retail with business disruptions, Starbucks and Walgreens among them.  The software is widely used by a range of Fortune 500 companies, and the full list of potentially impacted victims remains unclear.  Companies such as grocery giant Kroger (and its recently acquired subsidiary Albertsons), Anheuser-Busch and Ford are known to use the software but have not confirmed any impact as of yet.  Se

After being deported from South Korea, a Russian cybercriminal leader has made his first appearance in the US District Court for the District of Maryland to face his charges. Evgenii Ptitsyn, 42, is a Russian national who allegedly administered the sale, distribution, and operation of Phobos ransomware, which has been used against more than 1,000 victims, including public and private entities in the United States and globally. According to the indictment, its affiliates have extorted ransom paym

CyberVolk is a politically motivated hacktivist collective that launched its own RaaS in June 2024. The group uses DDoS and ransomware attacks to undermine and disrupt the operations of those opposed to Russian interests.

The group has become an increasingly prominent player within the cybercrime ecosystem, adapting and repurposing existing commodity malware to advance its causes. Highly skilled actors within the collective expand and revise such tools, effectively making them more sophisticated