The Fog and Akira ransomware gangs have been observed exploiting a critical vulnerability that lets them run a remote code execution (RCE) on Veeam Backup and Replications servers. While Veeam disclosed this critical deserialization bug and released a patch for CVE-2024-40711 on Sept. 4, publication of the proof-of-concept (PoC) developed by watchTowr Labs was delayed … Read more
Lynx ransomware, a newer ransomware-as-a-service (RaaS) that emerged around July may have stemmed from the INC Ransom source code that was reportedly sold in May, according to multiple analyses of the Lynx strain. The Lynx gang maintains both clear web and dark web leak sites and has claimed more than 20 victims since it first … Read more
Over 237,000 Comcast customers have had their sensitive personal information compromising following a ransomware attack against a third party company. Financial Business and Consumer Solutions (FBCS), a debt collection agency previously used by Comcast, was the subject of a ransomware attack in February 2024, which had a database of names, addresses, social security numbers, dates … Read more
The number of ransomware double-extortion groups posting to leak sites hit an all-time high in May, with 40 groups actively listing victims that month, according to Secureworks’ State of the Threat 8th Edition report published Tuesday. The Secureworks report outlines the ongoing results of law enforcement disruption of ALPHV/BlackCat and LockBit between the end of … Read more
A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site’s so-called “Wall of shame” links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a … Read more
