-
CDK Global outage caused by BlackSuit ransomware attack
The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter.
- June 22, 2024
- 03:08 PM
7
-
Police arrest Conti and LockBit ransomware crypter specialist
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.
- June 12, 2024
- 09:42 AM
2
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang.
- January 20, 2024
- 10:09 AM
- 0
-
The Week in Ransomware - September 8th 2023 - Conti Indictments
It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments on TrickBot and Conti operations members.
- September 08, 2023
- 05:45 PM
- 0
-
US and UK sanction 11 TrickBot and Conti cybercrime gang members
The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations.
- September 07, 2023
- 10:27 AM
- 0
-
Monti ransomware targets VMware ESXi servers with new Linux locker
The Monti ransomware has returned to action after a two-month hiatus, now targeting primarily legal and government organizations, and VMware ESXi servers using a new Linux variant that is vastly different from its predecessors.
- August 14, 2023
- 12:12 PM
- 0
-
Ex-Conti members and FIN7 devs team up to push new Domino malware
Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named 'Domino' in attacks on corporate networks.
- April 17, 2023
- 04:36 PM
- 0
-
Conti-based ransomware ‘MeowCorp’ gets free decryptor
A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free.
- March 16, 2023
- 02:08 PM
- 0
-
The Week in Ransomware - February 10th 2023 - Clop's Back
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware.
- February 10, 2023
- 06:24 PM
- 0
-
U.S. and U.K. sanction TrickBot and Conti ransomware operation members
The United States and the United Kingdom have sanctioned seven Russian individuals for their involvement in the TrickBot cybercrime group, whose malware was used to support attacks by the Conti and Ryuk ransomware operation.
- February 09, 2023
- 10:21 AM
- 6
-
LockBit ransomware goes 'Green,' uses new Conti-based encryptor
The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware.
- February 01, 2023
- 05:48 PM
- 0
-
Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.
- September 07, 2022
- 09:09 AM
- 4
-
Google says former Conti ransomware members now attack Ukraine
Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs).
- September 07, 2022
- 07:00 AM
- 0
-
The Week in Ransomware - August 12th 2022 - Attacking the defenders
It was a very busy week for ransomware news and attacks, especially with the disclosure that Cisco was breached by a threat actor affiliated with the Yanluowang ransomware gang.
- August 12, 2022
- 07:19 PM
- 1
-
US govt will pay you $10 million for info on Conti ransomware members
The U.S. State Department announced a $10 million reward today for information on five high-ranking Conti ransomware members, including showing the face of one of the members for the first time.
- August 11, 2022
- 05:46 PM
- 0
-
Ransomware gangs move to 'callback' social engineering attacks
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network.
- August 10, 2022
- 04:45 PM
- 0
-
The Week in Ransomware - July 22nd 2022 - Attacks abound
New ransomware operations continue to be launched this week, with the new Luna ransomware found to be targeting both Windows and VMware ESXi servers.
- July 22, 2022
- 11:52 PM
- 0
-
How Conti ransomware hacked and encrypted the Costa Rican government
Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack's precision and the speed of moving from initial access to the final stage of encrypting devices.
- July 21, 2022
- 10:20 AM
- 0
-
The Week in Ransomware - June 24th 2022 - Splinter Cells
The Conti ransomware gang has finally ended their charade and turned off their Tor data leak and negotiation sites, effectively shutting down the operation.
- June 24, 2022
- 06:20 PM
- 0
-
Conti ransomware finally shuts down data leak, negotiation sites
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.
- June 24, 2022
- 10:35 AM
- 1
