A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.
Around one in six ransomware payments in 2020 were made to ransomware gangs that had some sort of connection to a US-sanctioned entity.
At a press conference today, President Joe Biden said the US intelligence community has no evidence that the Russian government had any kind of involvement in the ransomware attack that crippled one of the US’ largest fuel supply pipelines last week.
The operators of the DopplePaymer ransomware have leaked a large collection of files from the Illinois Office of the Attorney General after negotiations have broken down and officials refused to pay a ransom demand, The Record has learned.
A ransomware gang is threatening to leak sensitive police files that may expose police investigations and informants unless the Metropolitan Police Department of the District of Columbia agrees to pay a ransom demand.
Two hacking groups, including at least one confirmed Chinese cyber-espionage outfit, have used a new zero-day vulnerability in Pulse Secure VPN equipment to gain a foothold inside the networks of US defense contractors and government organizations across the world.
Three US security agencies have published on Thursday a joint advisory to expose and draw attention to five vulnerabilities in popular enterprise equipment that have and are still being abused by Russian state hackers to breach corporate and government networks.
In a press release today announcing a broad set of sanctions against the Russian government, the Biden administration has formally named the Russian Foreign Intelligence Service, also known as the SVR, as the perpetrator of the 2020 SolarWinds Orion supply chain attack.
The US Department of Justice announced today that a US judge granted the FBI the authority to log into web shells planted by hackers on Exchange email servers across the US and remove the malware as part of a mass-uninstall operation.
In a joint security alert published today, on Friday, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said they’d observed multiple state-sponsored hacking groups scanning the web for Fortinet devices in order to find and gain access to sensitive networks so they could launch future attacks.