IBM X-Force has uncovered CastleBot, a nascent malware framework operating as a Malware-as-a-Service (MaaS) platform, enabling cybercriminals to deploy a spectrum of payloads ranging from infostealers to sophisticated backdoors implicated in ransomware operations. First detected in early 2025 with heightened activity since May, CastleBot facilitates the delivery of threats like NetSupport and WarmCookie, which have...
Exclusive: Belmont Christian College investigating ransomware claims. Threat actors have claimed a cyber attack on a NSW Christian school, claiming to have exfiltrated student and employee data. Belmont Christian College, which is owned by Belmont Baptist Church, is a kindergarten to year 12 Christian school located in the Lake Macquarie area of NSW. In 2024,...
The Cookeville Regional Medical Center (CRMC), serving the surrounding Tennessee and Kentucky regions, is still struggling to recover from a July 13th ransomware attack claimed over the weekend by the Rhysida gang. The Rhysida ransomware group has posted the Cookeville Regional Medical Center on its dark leak site, two weeks after the initial attack. The...
Since 2022, ransomware campaigns have grown increasingly adept at evading endpoint detection and response (EDR) systems. Sophisticated malware known as EDR killers, specifically ‘AVKiller’, are now routinely deployed as the first stage in multi-pronged attacks, neutralizing security software to enable ransomware execution. The emergence of AVKiller highlights a mature criminal marketplace: some tools are engineered...
Federal law enforcement agencies have successfully dismantled critical infrastructure belonging to BlackSuit ransomware, marking a significant victory in the ongoing fight against cybercriminal enterprises. The operation, coordinated by ICE’s Homeland Security Investigations (HSI) alongside international partners, targeted the successor group to Royal ransomware, which has terrorized organizations worldwide through sophisticated double-extortion tactics. International Operation Dismantles...
US law enforcement claims BlackSuit is completely dismantled. The agencies seized servers, domains and digital assets. Since 2022, the group hit 450 companies and stole millions of dollars. BlackSuit, a ransomware group and a successor to the Royal gang, managed to compromise 450 organizations in the United States and steal $370 million in ransom payments,...
In the ever-evolving cat-and-mouse game between cybercriminals and security vendors, a new tactic has emerged that underscores the vulnerabilities inherent in even the most trusted software components. Hackers deploying the Akira ransomware have discovered a clever method to sidestep Microsoft Defender, Windows’ built-in antivirus, by exploiting a legitimate driver from an Intel CPU tuning tool....
Spartanburg County hit by cyberattack, some online services disrupted
A cybercrime group that could be a successor to the BlackCat/Alphv ransomware operation is associated with about $34.2 million in cryptocurrency transactions since popping up in mid-2024, researchers said Friday. Blockchain intelligence company TRM Labs said the Embargo ransomware gang appears to be “well resourced and technically capable,” and its activity over such a short...
Intelligence gathered by gardaí following the 2021 HSE cyberattack has led directly to the dismantling of an international cybercrime gang by US authorities. The Garda National Cyber Crime Bureau played a central role in the “major disruption” operation which took down the critical infrastructure of the BlackSuit Ransomware Group. The group is responsible for...