Ryuk is the most prolific ransomware gang in the world, accounting for one-third of the 203 million U.S. ransomware attacks in 2020, according to cybersecurity firm SonicWall.
Microsoft is warning against a new adversarial campaign that attempts to hijack Azure’s machine learning infrastructure to deploy cryptomining workloads. The recent attacks show how cybercriminals are increasingly targeting Kubernetes clusters and their surrounding ecosystem.
Proofpoint reported new DDoS extortion activity by a threat actor group called Fancy Lazarus. The group was observed extorting funds from various organizations operating in the energy, financial, and manufacturing sectors, among others.
Experts took the wraps off the activities of the Gelsemium APT, which uses state-of-the-art supply chain attack techniques against targets, including electronics manufacturers, in East Asia and the Middle East. Its attack strategy indicates that the group predetermines its targets and could be a potential threat to the organizations on its radar.
The DOJ has seized approximately $2.3 million in BTC ransom paid to DarkSide by Colonial Pipeline last month. The FBI used a bitcoin private key to prevent the transaction.
The REvil ransomware gang recently attacked JBS, the world’s largest meat processing company. The attack forced the company to shut down its Australian and North American IT systems.
The group stole the source code for FIFA 21 and related tools that match players with other players, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools.
Unlike many of the companies hit by high-profile ransomware attacks in recent months, the union declined to pay, despite the FBI’s advice to do so, three sources familiar with the previously unreported cyberattack told NBC News.
Italy has created a national cybersecurity agency following warnings by Prime Minister Mario Draghi that Europe needed to protect itself from Russian “interference.” The new agency was approved in a cabinet meeting this week.
The vulnerability, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions.