ransomware
Categories
- Latest News
- China
- Trends
- Gambling
- Uncategorized
- AI
- Threat Intelligence
- Spyware
- News
- Cyber Espionage
- Data Leak
- Hacktivism
- Apple
- Phishing
- Taiwan
- Climate
- deepfake
- Cybergangs
- Geopolitics
- Malicious Bots
- Arrest
- Operational Technology
- Cyber Budget
- France
- Government
- Israel Conflict
- Cybersecurity Events
- ransomware
- Finance
- Vulnerability
- Sri Lanka
- SMB
- Retail
- Social Media
- cybercrime
- Automotive
- Supply Chain
- SEC
- Workforce Cyber
- Russia
- Wire Fraud
- Human Error
- Iran
- Surveillance
- Malware
- Chip Technology
- Big Tech
- European Union
- North Korea
- Norton
- Energy Sector
- Cyber M&A
- Spyware
- Ethiopia
- Aerospace
- Healthcare
- India
- Breaking News
- One Minute Roundup
- Business Email Compromise
- Investment Scam
- Personal Services
- China
- Cryptocurrency
- VPN
- Telecommunications
- LockBit
- Analysis
- Expert Opinions
- Space
- sextortion
- One Minute Roundup
- Featured
AI-powered ransomware fuels cybercrime
Cybercriminals are now weaponizing artificial intelligence (AI) to create potentially devastating off-the-shelf ransomware. Researchers at cybersecurity company ESET have discovered what they called "the first known AI-powered ransomware". The malware, which ESET has named PromptLock, has the ability to exfiltrate, encrypt, and possibly even destroy data, though this last functionality appears not to have been implemented in the malware as yet.
China hacks US nuclear agency
The US Nuclear Security Administration, which is responsible for maintaining and designing the USA’s cache of nuclear weapons, has been hacked by China-based cybercriminal group Storm-2603. Other organizations including the U.S Education Department, Florida’s Department of Revenue, and the Rhode Island General Assembly were also breached by Storm-2603.
Cybercrime Kills
A patient’s death following a cyber-attack on the UK health sector by ransomware group Qilin has now been reported. The death has been confirmed by King's College Hospital NHS Foundation Trust. It has been attributed to a long wait for a blood test as a result of a cyber-attack on 3 June last year, which brought pathology services to a temporary standstill. IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack carried out by Qilin. The hospitals affected were Guy's and St Thomas', King's College, and Lewisham and Greenwich, along with primary care facilities across six London boroughs and two mental health trusts.
Ransomware group offers cyber gangs legal advice
A new cybercriminal group, Qilin, is rapidly establishing dominance in the murky world of ransomware by providing not just ransomware-as-a-service (RaaS) but a full soup-to-nuts cybercrime service .In addition to the malware, Qilin also provides a full suite of legal guidance for criminals together with operational and storage features. According cybersecurity company, Cybereason, Qilin is positioning itself not just as a ransomware group, but as a full cybercrime service.
Teenage hackers run rings around cyber-defenses
The recent UK retail cyberattacks that impacted Marks & Spencer and the Co-Op supermarket chain are only the tip of a very large iceberg that now threatens organizations on both sides of the Atlantic. Although media reports have attributed the attacks to a group named “Scattered Spider,” the actual threat is far bigger. For a start, there is no criminal group that actually calls itself “Scattered Spider”, which is just a made-up name attributed by cybersecurity researchers. These attacks and many others in the US and the UK are now known to be the work of a vast sprawling network of hackers, some as young as 14, spread across the US and the UK. They call themselves “the Community”, or “the Com” for short, and are essentially a vast teenage subculture of criminal hackers.
Ransomware attacks on industrial systems double in one year
Ransomware attacks on the operational technology (OT) and industrial control systems (ICS) that run industrial facilities almost doubled in 2024. According to Washington DC-based industrial cybersecurity company Dragos, ransomware attacks on industrial organizations in 2024 increased by a staggering 87 percent over the previous year. The main industries targeted were: electricity and water; industrial manufacturing; telecommunications; oil and gas; food and beverage; chemical manufacturing; mining, transportation, and logistics. Manufacturing, which accounted for 69 percent of all ransomware attacks targeting 1,171 manufacturing entities, was by far the worst hit.
New ransomware threat emerges in 2025
A new and unusually dangerous and sophisticated gang of cybercriminals, named BlackLock, has emerged as a major ransomware threat in 2025. Cybersecurity company Reliaquest observed a staggering 1,425 percent increase in the gang’s activities in the last quarter of 2024. Its ransomware is built to target Windows, VMWare ESXi, and Linux environments and is designed as a double-extortion attack, which involves not only locking the target organization’s critical data by encrypting it, but also by identifying sensitive information and threatening to expose it. “BlackLock’s rise has been both swift and strategic, targeting organizations across a wide range of sectors and geographies,” reports Reliaquest.
‘Dark Unicorns’ target US healthcare
Ransomware attacks on the healthcare sector have risen by a third in 2024 with the US the prime target. Cybersecurity company Black Kite reports 374 incidents in the past year, a 32.16 percent rise in the number of attacks on the industry over 2023. Healthcare is now among the top targets for ransomware, surpassed only by manufacturing and professional services. The rapid rise in ransomware attacks on the healthcare sector is the result of increasing ruthlessness on the part of ransomware gangs. Until relatively recently, some sectors, such as healthcare and education, were considered off-limits. According to Black Kite, if an affiliated criminal gang attacked a healthcare organization, the core ransomware group would frequently step in, apologizing to the victim organization -sometimes even decrypting the ransomed data for free.
‘Hellcat’ is new breed of cybercriminal
A ransomware gang, Hellcat, that emerged in 2024 is being seen as representative of a new type of threat actor using off-the-shelf malware and innovative extortion techniques. According to cybersecurity company Cato Networks: “Hellcat’s emergence in 2024 marks a troubling shift in the landscape of cybercrime. By leveraging a ransomware-as-a-service (RaaS) model and utilizing double extortion tactics, Hellcat has not only increased the accessibility of ransomware but also heightened the psychological impact on its victims.”