Forcepoint X-Labs researchers have identified a large Phorpiex botnet-aided phishing campaign that uses weaponized Windows shortcut files to deploy Global Group ransomware across victim systems. The campaign, observed in late 2024 and continuing into 2026, leverages a common email lure, with the subject “Your Document”, to trick recipients into opening a malicious LNK attachment. “By…
Category: Cybercrime, Malware, Ransomware, Security
Cybercrime, Malware, Ransomware, Security, Global Security News
Sicarii ransomware locks your data and throws away the keys
A newly observed Sicarii ransomware strain contains a critical encryption key handling defect that can leave encrypted data unrecoverable, even if a victim pays the ransom or uses a provided decryptor. Analysts at the Halcyon Ransomware Research Center found that Sicarii generates fresh RSA key pairs for each execution and then discards the private key,…
Cybercrime, Malware, Ransomware, Security, Global Security News
Ransomware attack on Verkehrsgesellschaft Main-Tauber
The office and the mobility center of VGMT are currently closed. The cause is a cyberattack. VGMT The office and the mobility center of Verkehrsgesellschaft Main-Tauber (VGMT) are currently closed and neither…
Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News
Ransomware gang’s slip-up led to data recovery for 12 US firms
Twelve US companies hit by the INC ransomware group were able to recover encrypted data after a cybersecurity firm discovered the cloud storage infrastructure where the gang stockpiled what it stole. Researchers at Florida-based Cyber Centaurs said Thursday they took advantage of a lapse in operational security by the gang: They found artifacts left behind…
Cybercrime, Malware, Ransomware, Security, Global Security News
Hackers take down websites of Conceptnet customers
The Regensburg-based IT service provider Conceptnet has fallen victim to a ransomware attack. fadfebrian – shutterstock.com The Regensburg-based IT service provider Conceptnet is currently informing visitors to its website about a technical disruption caused by a ransomware attack. According to reports, the perpetrators gained access to the company’s IT infrastructure around January 13, 2026. “In the process, central systems, including web-…
Cybercrime, Malware, Ransomware, Security, Global Security News
Manhunt for the head of Black Basta
The BKA and the ZIT are searching for the suspected leader of the ransomware group Black Basta. The extortion gang is responsible for numerous attacks in Germany. zimmytws – shutterstock.com The authorities…
Cybercrime, Malware, Ransomware, Security, Global Security News
New ransomware threat targets German companies
The ransomware service Ransomhouse now uses complex dual-key encryption and automated attacks on VMware ESXi. Suttipun – shutterstock.com Security experts recently found that the ransomware group Jolly Scorpius has massively improved its RaaS (ransomware as a service) offering Ransomhouse. As the threat intelligence team at Palo Alto Networks reports, the group now uses an advanced dual encryption system. The attacks are based on…
Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News
US cybersecurity experts plead guilty to attacking US companies with ransomware
Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion. They will be sentenced on March 12, 2026, the US Department of Justice announced this week. Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the…
Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News
Two cybersecurity experts plead guilty to running ransomware operation
Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, delay, or affect commerce through extortion. They will be sentenced on March 12, 2026, the US Department of Justice announced this week. Ryan Goldberg and Kevin Martin were charged with using the BlackCat ransomware against multiple victims in the…
Cybercrime, Malware, Ransomware, Security, Global Security News
Interpol sweep takes down cybercrooks in 19 countries
A ransomware expert lauded a recent crackdown on cybercrooks in Africa that resulted in the decryption of six ransomware strains, smashing of links to malicious websites, and hundreds of arrests as major action. “This may not be the same headline as taking down LockBit, but I think it is significant,” said Jon DiMaggio, chief security…
Cybercrime, Malware, Ransomware, Security, Global Security News
Think you can beat ransomware? RansomHouse just made it a lot harder
A recent upgrade to the RansomHouse ransomware operation has added new concerns for enterprise defenders, introducing a multi-layered encryption update to the group’s double-extortion RaaS model. Also tracked under the cluster Jolly Scorpius, the ransomware gang has transitioned from a simple, single-phase encryption routine to a multi-layered dual-key encryption architecture that increases the complexity of…
Cybercrime, Malware, Ransomware, Security, Global Security News
Ransomware gang attacks Ideal Versicherung
The ransomware gang Akira has attacked the insurance group Ideal. Who is Danny – shutterstock.com On its website, the insurance company Ideal is currently reporting a cyberattack. The systems were taken offline as a precaution and business operations are functioning only to a limited extent, it says. Ahorn AG, which belongs to the insurance group, is accordingly also affected by the IT outage.…
Cybercrime, Malware, Ransomware, Security, Global Security News
Manufacturing fares better against ransomware — with room for improvement
The manufacturing industry is performing better in protecting itself against ransomware, according to a recent study from security provider Sophos. Compared to previous years’ results, many manufacturing companies are now able to stop ransomware attacks before data is encrypted. This year just 40% of cyberattacks against manufacturing entities resulted in data encryption. This is the lowest…
Cybercrime, Malware, Ransomware, Security, Global Security News
Ransomware: High share of ransom payments despite better defenses
Sophos study: More than half of industrial companies paid the ransom after a ransomware attack. Andrey_Popov – shutterstock.com According to a recent study by security vendor Sophos, the manufacturing industry…
Cybercrime, Malware, Ransomware, Security, Global Security News, North America
Alliances between ransomware groups tied to recent surge in cybercrime
A seasonal surge in malicious activity combined with alliances between ransomware groups led to a 41% increase in attacks between September and October. Cybercriminal group Qilin continues to be the most active ransomware peddler, responsible for 170 of 594 attacks (29%) in October, NCC Group reports. Sinobi and Akira followed with 15% of ransomware attacks…
Cybercrime, Malware, Ransomware, Security, Exploits, Global Security News
Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and several international partners, has issued a new advisory warning organizations about the growing threat posed by the Akira ransomware group to critical infrastructure. The latest update shows the ransomware group has expanded its capabilities beyond VMware ESXi and Hyper-V environments and is now…
Cybercrime, Malware, Ransomware, Security, Global Security News
Vibe-coded ransomware discovered on Microsoft Marketplace
Researchers have discovered a Visual Studio Code extension with ransomware functionality. fadfebrian – shutterstock.com Security specialist Secure Annex recently found that malware named “Ransomvibe” had been embedded in extensions for the source code editor Visual Studio Code. “As soon as the extension is activated, the function zipUploadAndEcnrypt is executed first. This function applies all the techniques typical of ransomware and extortion software…
Cybercrime, Malware, Ransomware, Security, Global Security News
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
In a suspected test effort, unknown actors have successfully embedded a strain of ransomware-style behavior, dubbed Ransomvibe, into extensions listed for Visual Studio Code. According to Secure Annex findings, the malicious code published to the VSCode extension marketplace was clearly vibe-coded, lacking any real sophistication. “This is not a sophisticated example as the command and…
Cybercrime, Malware, Ransomware, Security, Global Security News
Report: Profits from ransomware attacks declining
A new study from cybersecurity firm Coveware shows that the ransomware economy is changing. Despite the increase in attacks, average ransom amounts and the percentage of organizations paying extortion demands are expected to decrease in 2025. In the third quarter, only 23% of victims paid any ransom. This compares to 28% in the first quarter of 2024.…
Cybercrime, Malware, Ransomware, Security, Global Security News
Old threats, new consequences: 90% of cyber claims stem from email and remote access
Even as attackers are growing ever more sophisticated in their methods, it seems there’s no point in messing with the tried-and-true. According to cyber insurance company At-Bay’s 2025 InsurSec Rankings Report, email and remote access remain the most prominent cyber threat vectors, accounting for 90% of cyber insurance claims in 2024. And, no surprise, larger…
Cybercrime, Malware, Ransomware, Security, Global Security News
Risks in recovery after ransomware attacks
Paying the ransom after a ransomware attack is no guarantee of a smooth or even successful recovery of the data. AndryDj – shutterstock.com Two out of five companies that pay cybercriminals for ransomware decryption cannot recover their data. That is the finding of a worldwide survey of 1,000 mid-sized companies by insurance provider Hiscox. The results show…
Cybercrime, Malware, Ransomware, Security, Global Security News
Ransomware attack on Nickelhütte Aue
Cybercriminals have paralyzed the office IT of Nickelhütte Aue. Andrey_Popov – shutterstock.com As Nickelhütte Aue states on its website, cybercriminals attacked the office IT and encrypted data. As a result, the IT systems are currently impaired, it says. A spokesperson told CSO that the affected data comes from the areas of HR, accounting, finance as well as purchasing and…
Cybercrime, Malware, Ransomware, Security, Global Security News
Hackers sell Geiger data on the darknet
The ransomware gang Rhysida is allegedly auctioning stolen data of the German mechanical engineering company Geiger on the darknet. BestForBest – shutterstock.com On October 17, the ransomware group Rhysida … the German machine builder Geiger…
Cybercrime, Malware, Ransomware, Security, Global Security News
Scattered Lapsus$ Hunters extortion site goes dark: What’s next?
Is this really the end of the road for the notorious Scattered Lapsus$ Hunters ransomware alliance? Last week, the extortion supergroup had its dark web and clearnet domains seized by police, the latest setback to befall the alliance that had threatened to release Salesforce data allegedly stolen from 39 companies, including Google, in a mass…
