The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.
Semiconductor manufacturer MaxLinear confirmed this week that it was hit by the Maze ransomware gang in April and some "proprietary information" was exfiltrated and personally identifiable information exposed.
If your organization gets hit by ransomware, what should happen next? Ideally, organizations will get help to identify the best response, says Kroll's Alan Brill. He notes that many organizations are now carrying cyber insurance coverage, in part, to gain rapid access to incident response tools and expertise.
Scammers are looking to capitalize on the extortion campaigns being conducted by the Maze ransomware gang and others by demanding thousands of dollars in ransom to not release data they claim to have exfiltrated when in fact no attack took place and no data was removed, according to security firm WebARX.
Southeast Asia has become a hotbed for cybercrime activities, says Anthony Bargar, former deputy CISO of the U.S. Department of Defense, who says enterprises in the region need to take a collaborative defense approach to respond to this new threat environment.
Microsoft's Azure Security Center has detected a new hacking campaign that for the first time specifically targets the Kubeflow platform on Kubernetes and uses XMRig cryptominer to mine for monero across multiple clusters.
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
Cybereason's latest honeypot-derived research reveals that threat actors are increasingly targeting critical infrastructure providers with multistage ransomware attacks. CISO Israel Barak details why these strikes are so prevalent and concerning.
Japanese auto giant Honda has confirmed that it sustained a hack attack earlier this week that has affected production operations at several of its global facilities, including plants in the U.S., Japan, Turkey and Italy. Security researchers suspect ransomware is the likely culprit.
Educational institutions and healthcare entities both have been favorite targets of hackers during the coronavirus pandemic - but academic healthcare systems involved with COVID-19 research appear to be in the bullseye. Among the latest institutions reportedly hit is the University of California San Francisco.
Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.
A sophisticated strain of ransomware called Tycoon has been selectively targeting education and software companies since December 2019, according to a joint report released by BlackBerry and KPMG. Due to its unique development, this crypto-locking malware can target both Windows and Linux systems.
The Maze ransomware gang is hosting and promoting data stolen by other ransomware operators on its "Maze News" website, according to IBM researchers, who are concerned this could be a sign of growing collaboration among cybercrime groups.
Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.