[ad_1] ICE’s Homeland Security Investigations, in close coordination with U.S. and international law enforcement partners, has successfully dismantled critical infrastructure used by BlackSuit ransomware, a major cybercriminal operation and successor to Royal ransomware, responsible for attacks on essential services around the world. The operation resulted in the seizures of servers, domains and digital assets used...Read More

[ad_1] Prairie Eye and LASIK Center, a full-service eye and vision care provider based in Springfield, Illinois, experienced a data breach involving a ransomware attack. On Aug. 7, 2025, cybercriminal group known as Abyss claimed responsibility for the attack, stating on their Tor-based leak site on the dark web that they had obtained sensitive data...Read More

[ad_1] Black Hat 2025 had plenty of shiny new toys and buzzword-heavy sessions, but the real story was hiding in plain sight. No ransomware track. No packed panel on the threat that has cost organizations billions and taken down some of the most secure environments on the planet. The only time it truly took center...Read More

[ad_1] Cryptocurrency Tracing Suggests Group Is Rebrand of Russian-Speaking BlackCat Group Mathew J. Schwartz (euroinfosec) • August 13, 2025     The Embargo logo. (Image: Embargo/Shutterstock) Even lesser-known ransomware groups haul in serious extortion cash – although in the ransomware world, little is what it seems. See Also: What Manufacturing Leaders Are Learning About Cloud...Read More

[ad_1] A sophisticated new ransomware family called Charon has emerged in the cybersecurity landscape, targeting organizations in the Middle East’s public sector and aviation industry with advanced persistent threat (APT) techniques typically reserved for nation-state actors. The ransomware campaign represents a concerning evolution in cybercriminal operations, combining stealth, precision, and destructive capabilities to maximize impact...Read More

[ad_1] The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities. The attack happened on Thursday, July 31, 2025, and resulted in the deployment of ransomware. “The ransomware attack affected...Read More

[ad_1] Fraud Management & Cybercrime , Ransomware City Refuses to Pay Ransom; Employees Report to Arena to Reset Passwords in Person Mathew J. Schwartz (euroinfosec) • August 13, 2025     Image: Sean Pavone/Shutterstock/ISMG Scenes from the ransomware recovery operation of St. Paul, Minnesota: City civil servants lined up in a stadium to manually verify...Read More

[ad_1] Over a million dollars’ worth of cryptocurrency assets laundered by or on behalf of the notorious BlackSuit ransomware gang – previously known as Royal – were seized ahead of a multinational takedown operation in July, led by the US authorities with support from the UK’s National Crime Agency (NCA) and cyber cops from...Read More

[ad_1] New Cyble data released Tuesday found that Qilin led ransomware activity for the third time in four months, capitalizing on the fall of RansomHub to claim the most victims on its data leak site. In July, Qilin hit 73 victims, about 17% of the total 423 reported attacks. Trailing behind, INC Ransom ranked second...Read More

[ad_1] The recently hacked Clinical Diagnostics laboratory in the Netherlands paid millions of euros in ransom to cybercriminals from Nova. The Rijswijk-based lab hoped to prevent more stolen medical data from appearing on the dark web. The hack affected 485,000 Dutch women who participated in the population screening for cervical cancer. The data breach was...Read More