02 Jan, 2025

New Play ransomware Linux version targets VMware ESXi VMs

Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines. Cybersecurity company Trend Micro, whose analysts spotted the new ransomware variant, says the locker is designed to first check whether it’s running in an ESXi environment before executing and that it can evade detection on […]

3 mins read

VMware ESXi servers targeted by new Linux ransomware variant

A string of attacks on VMware ESXi servers were launched by the Play ransomware group, best known for its double-extortion tactics. In a July 19 blog post, Trend Micro researchers said most of the attacks have been concentrated in the United States. The researchers explained that the ransomware will first verify if it’s running on […]

4 mins read

Two Russians Convicted for Role in LockBit Attacks

Two Russian nationals have pleaded guilty to their participation in the notorious LockBit ransomware gang, the US Department of Justice (DoJ) has announced. Ruslan Magomedovich Astamirov, aged 34, and Mikhail Vasiliev, aged 34, pleaded guilty to a range of charges related to their involvement as affiliates to the ransomware-as-a-service (RaaS) group. Astamirov pleaded guilty to […]

4 mins read

UK arrests suspected Scattered Spider hacker linked to MGM attack

UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. “We have arrested a 17-year-old boy from Walsall in connection with a global cyber online crime group which has been targeting large organisations with ransomware and gaining access to […]

2 mins read

Nearly 13 Million Australians Affected by MediSecure Attack

Personal and health data of almost 13 million Australians has been impacted by the cyber-attack on medical prescription provider MediSecure. Following an investigation of a dataset accessed by the attackers in May 2024, the company has determined that 12.9 million individuals who used the MediSecure prescription delivery service during the period of March 2019 to November […]

2 mins read

Indiana County Files Disaster Declaration Following Ransomware Attack

A County in Indiana, US, has filed a disaster declaration following a ransomware attack on local government networks, which has prevented the administration of critical services. Clay County made the declaration after confirming the incident has resulted in an inability to operate Clay County Courthouse and Clay County Probation/Community Corrections facilities. The July 11 declaration […]

3 mins read

DoNex ransomware decoded: How to use Avast decryptor

Avast released a decryptor for DoNex ransomware, offering a free recovery solution for victims of DoNex and its predecessors. DoNex, Muse, DarkRace and fake LockBit 3.0 are all names for a ransomware family that has been active since April 2022, mostly targeting businesses in the United States, Italy and Belgium, according to Avast’s telemetry data. […]

3 mins read

Victims of cyber extortion and ransomware increase in 2024

More than 4,000 new victims of ransomware were recorded over the past 12 months. According to research by Orange Cyberdefense, there was a 77% year-on-year growth from 2023 with 4,374 new victims detected in 75% of countries monitored. In the first quarter of 2024, there were 1,046 victims hit by 43 different threat actors. Speaking […]

3 mins read

CyberSecurity Alert: $5.2 Million Ransomware Demand Hits New High in 2024

In the first half of 2024, ransomware attacks continued to wreak havoc globally, with a startling average extortion demand exceeding $5.2 million (£4.1 million) per incident, as revealed by a comprehensive study from Comparitech. This unsettling statistic stems from an analysis of 56 documented ransom demands issued by cyber threat actors between January and June […]

3 mins read