Double Extortion Ransomware: The New Normal

With more and more businesses learning how to avoid paying huge amounts of money to ransomware actors by maintaining up-to-date backups and having disaster recovery plans in place, the number…

‘Double-Extortion’ Ransomware Data Leaks Skyrocket 935%

Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found. The ransomware business is booming, and feeble corporate security and a flourishing…

Double Extortion Ransomware Victims Soar 935%

Researchers have recorded a 935% year-on-year increase in double extortion attacks, with data from over 2300 companies posted onto ransomware extortion sites. Group-IB’s Hi-Tech Crime…

Bitdefender Threat Debrief | November 2021

The Bitdefender Threat Debrief (BDTD) is a monthly series analyzing threat news, trends, and research from the previous month. You can find all previous debriefs here. Highlight of the month:…

Yanluowang Ransomware Tied to Thieflock Threat Actor

Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. A threat actor previously tied to the Thieflock ransomware operation…

Who Is Behind the Comeback of Emotet?

Conti ransomware is a very dangerous malicious actor because of how quickly it encrypts data and spreads to other computers. To get remote access to the affected PCs, the organization…

Ransomware is now a giant black hole that is sucking in all other forms of cybercrime

Ransomware is so lucrative for the gangs involved that other parts of the cybercrime ecosystem are being repurposed into a system for delivering potential victims. “The gravitational force of ransomware’s…

Russian Ransomware Gangs Might be Collaborating with Chinese Hackers

RAMP is a Russian-language forum that debuted in July 2021 and has drawn a lot of interest from researchers and cybercriminals alike. The forum was created on the same domain that…

Now Iran's state-backed hackers are turning to ransomware

Microsoft has detailed the activities of six Iranian hacker groups that are behind waves of ransomware attacks that have arrived every six to eight weeks since September 2020. Russia is…

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained…