Ransomware

All articles tagged with #ransomware

European Police Dismantles First VPN, Unmasks Thousands of Criminals
technology, 4 days ago

European authorities led by France and the Netherlands, with Europol and Eurojust, dismantled the First VPN service used by cybercriminals for ransomware and data theft. Investigators infiltrated the service, seized 33 servers, and arrested its administrator, identifying about 506 users and producing 83 intelligence packages that supported 21 Europol-facilitated investigations. The operation underscored how VPNs marketed as ‘no-logs’ can mislead users who believe they are safe, even as criminal activity relies on such infrastructure.

Global raid shuts down ransomware-linked VPN First VPN and seizes its infrastructure
cybersecurity, 5 days ago

An international operation led by France and the Netherlands, with Europol/Eurojust support, dismantled the ‘First VPN’ service used by ransomware and data-theft actors. Authorities seized 33 servers across 27 countries, shut down key domains, disrupted infrastructure, and arrested the administrator in Ukraine. Investigators infiltrated the VPN to recover data, with Europol reporting 506 identified users and 83 intelligence packages shared to aid ongoing investigations into ransomware and related crimes. While VPNs have legitimate uses, criminals leveraged this service to hide activity; all identified users have been notified and further legal action may follow.

Canvas LMS breaches halted after hackers’ deal, data reportedly returned
technology, 14 days ago

Instructure says it reached an agreement with the ShinyHunters hackers after a breach of the Canvas LMS; the stolen data has reportedly been returned and the company asserts that no customers will be extorted as a result of the incident, though it’s unclear if a ransom was paid. Instructure also says data destruction was verified, most systems are back online, and it will share more details in a forthcoming webinar.

Canvas breach ends as hackers delete stolen data after deal
technology, 15 days ago

Instructure, the company behind the Canvas learning platform, says it reached a deal with the hackers (ShinyHunters) responsible for a major breach, got the stolen data back, and obtained digital proof via shred logs that remaining copies were destroyed. The incident compromised student IDs, email addresses, names and messages for thousands of schools and hundreds of millions of people, though no passwords or financial data were found. Canvas was taken offline during the investigation, and the company is conducting forensic work and hardening its systems while students faced finals-related disruptions.

Instructure Pays Ransom, Restores Canvas Access After Hackers
technology, 15 days ago

Instructure paid a ransom to the ShinyHunters gang after Canvas was breached twice, returning data for about 275 million users across 8,800 institutions and promising no extortion of customers. The monetary amount wasn’t disclosed, the deal arrived before a May 12 deadline, and Canvas environments are back online as investigators continue forensic work and security hardening.

ShinyHunters hijack Penn Canvas, threaten data dump over ransom
technology, 20 days ago

ShinyHunters took Penn’s Canvas offline, claiming a vulnerability in Instructure and demanding a settlement to prevent a data leak, with a May 12, 2026 deadline; the group says it has access to hundreds of millions of user records, including Penn emails, names, Penn IDs, and course enrollments, and Penn is investigating with Instructure and law enforcement while other institutions are affected.

MuddyWater Uses Teams for Credential Theft in False-Flag Ransomware Operation
technology, 20 days ago

Rapid7 links MuddyWater to a 2026 operation that used interactive Teams screen-sharing to harvest credentials and bypass MFA, exfiltrate data, and maintain persistence with tools like DWAgent and AnyDesk, while avoiding file encryption to masquerade as a ransomware attack. Described as a false-flag, state-backed campaign, it leverages a Chaos RaaS framework and off-the-shelf tools to blur attribution, highlighting evolving attacker tradecraft that blends cybercrime with strategic aims.

Hackers Hit Major EdTech Vendor, Threaten Data Leak
technology, 21 days ago

Cybercriminals from ShinyHunters breached Instructure, the maker of Canvas LMS used by roughly 41% of colleges, potentially affecting up to 9,000 schools and 275 million people. They issued a 'PAY OR LEAK' ransom demand and warned of releasing private messages if payment wasn’t made; Instructure says it has contained the breach, revoked privileged credentials, rotated keys, and increased monitoring; the exposed data was mainly names, emails, and student IDs. Security experts say the attack illustrates vendor-supply-chain risk in higher education, as attackers target platforms used across thousands of institutions rather than individual campuses.

GTA 6 Hack Sparks Ransom Demands After Third-Party Breach
technology, 1 month ago

A ransomware group called ShinyHunters breached Rockstar Games through Anodot, a third‑party analytics provider, gaining access to Rockstar’s Snowflake data and threatening to leak it unless paid; Rockstar says only limited non‑material company information was accessed and players aren’t affected, though the incident underscores ongoing ransomware risks for game studios and their vendors.

Ransomware threat targets Rockstar Games as ShinyHunters set April 14 deadline
technology, 1 month ago

Hacker group ShinyHunters says it breached Rockstar Games and has given a deadline of April 14 to pay or face data leaks, focusing on non-material corporate assets; Rockstar disputes the severity, stating only data from a third-party breach was accessed and players aren’t affected, though marketing materials could surface ahead of GTA VI’s release.

GTA 6 Studio Hit by Cloud Breach, Hackers Warn of Data Leak Over Ransom
technology, 1 month ago

Hackers ShinyHunters claim Rockstar Games’ cloud environment was breached and threaten to leak a data cache unless a ransom is paid by April 14; Rockstar later confirmed a data breach but said only a limited amount of non-material company information was accessed via a third-party service, with no impact on players or operations. The attackers are believed to have targeted corporate data (contracts, financials, marketing), not user passwords or personal gamer data.

AI-Driven Cyber Threats Push Defenders Into a Two-Year Sprint
technology, 2 months ago

At RSA Conference, security leaders warn AI is accelerating vulnerability discovery and enabling autonomous, scalable cyber offenses, creating a two-year window of upheaval where defenders struggle to patch faster than attackers weaponize. They foresee AI-driven exploits, faster patch cycles, and a need to rethink defense—potentially with machine-speed autonomous responses and a reimagined cyber defense ecosystem—while noting national-security implications. Optimism rests on rapid, defensible AI advances, but the timeline remains tight: two years, maybe longer, to harden defenses.

BYOVD Enables 54 EDR Killers to Undermine Defenses Ahead of Ransomware
security, 2 months ago

An ESET study finds 54 EDR killer tools abuse Bring-Your-Own-Vulnerable-Driver (BYOVD) tactics across 34 signed drivers to gain kernel privileges, disable security tools, and pave the way for ransomware encryptors; actors range from closed ransomware groups and PoC tweakers to underground marketplace vendors, with some variants using scripting or driverless approaches. The report emphasizes the need for layered defenses and tighter monitoring of driver loading to disrupt attacks at multiple stages.

technology, 2 months ago

Ransomware Reality: Hospitals Under Siege in Real Life and On Screen

Politico argues HBO’s The Pitt spotlights a growing real‑world threat: ransomware attacks crippling hospital networks, forcing downtime, paper-based care, and patient diversions. Real incidents like the Stryker outage and Mississippi’s medical center disruptions show outages can last weeks and jeopardize care, prompting calls for federal funding, improved agency collaboration, and stronger policy—while some polls suggest such attacks could be viewed as acts of war.

AI-Driven Threats Blur the Line Between Daily Activity and Breach
technology, 2 months ago

ThreatsDay flags AI-enhanced threats accelerating breaches and blurring into everyday activity: Kali Linux now integrates Claude via MCP for natural-language command execution; campaigns include Bitpanda phishing, four-minute lateral movement, and Mac/WinRAR exploits, aided by ad cloaking, typosquatting, and social engineering, as threat actors fragment post-RAMP and increasingly use AI-driven tactics.