RAAS – Page 2 – Cybersecurity News Everyday

Ransomware and Cyber Extortion in Q4 2024

January 15, 2025 Reliaquest

The last quarter of 2024 saw an unprecedented surge in ransomware activity, with significant growth in the number of active groups and notable incidents involving established players like LockBit and emerging threats such as Akira and BlackLock. This report highlights key findings, trends, and recommendations to bolster defenses against ransomware attacks.…

Threat Research

Campaign TrailRansomHub Ransomware: Darktrace’s Investigation of the Newest Tool in ShadowSyndicate’s ArsenalbyQing Hong Kwa

January 15, 2025 DarkTrace

Darktrace’s investigation into RansomHub attacks revealed connections to the ShadowSyndicate threat group, which has been active since July 2022. ShadowSyndicate has adopted RansomHub’s ransomware services, leading to a surge in attacks across various sectors in late 2024. The attacks involved complex tactics, including data exfiltration and file encryption, with ransom notes threatening data leaks.…

Threat Research

The Evolution of Ransomware: From Simple Encryption to Double Extortio…

January 15, 2025 SocRadar

The article discusses the evolution of ransomware from its inception in the late 1980s to its current state as a sophisticated and multi-faceted threat. It highlights key developments, including the introduction of cryptocurrencies, the rise of Ransomware-as-a-Service (RaaS), and the emergence of double and triple extortion tactics.…

Ransom Monitor

Ransom! pittman-construction.com

January 14, 2025 Monitorman

Victim: pittman-construction.com Country : US Actor: lockbit3 Source: http://lockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id.onion/post/YEUmFISVIWNEoDep678641daeaee1 Discovered: 2025-01-14 12:37:19.103942 Published: 2025-01-14 12:36:13.600157 Description : Pittman Construction Company, based in Conyers, has been a pivotal player in the construction industry for over a century. Established in 1884, the company has a rich history of contributing significantly to infrastructure development in Atlanta and…

Ransomware Victims – ALL | Other Victims by lockbit3

Security Insights on Pittman Construction Company Victim Website: pittman-construction.com…

Threat Research

The Evolution of Cybercrime Cartels: From Lone Wolves to Sophisticated Syndicates | Krypt3ia

January 14, 2025 admin

The article discusses the evolution of cybercrime from isolated individuals to organized syndicates, highlighting the complexity and coordination of modern cybercriminal groups. It outlines the factors driving this shift, the hierarchical structures of these groups, and the various business models they employ, such as Ransomware-as-a-Service and Initial Access Brokers.…

Cyber Attack

Emerging FunkSec Ransomware Developed Using AI

January 13, 2025January 25, 2025 SecurityWeek

Summary: FunkSec, an emerging ransomware group, has claimed responsibility for attacks on over 80 victims in December 2024, utilizing a ransomware-as-a-service model and leveraging AI in their operations. The group is characterized by inexperienced members engaging in both cybercrime and hacktivism, with ties to previous hacktivist movements.…

Cyber Attack

FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and Hacktivism

January 12, 2025January 25, 2025 SecurityOnline

Summary: FunkSec is a new ransomware group that has quickly gained notoriety for its audacious claims and AI-assisted innovations, targeting organizations across multiple countries. Despite its rapid rise and ideological claims, its technical capabilities reveal significant gaps and questionable authenticity in its operations.

Threat Actor: FunkSec | FunkSec Victim: Various organizations | various organizations

Key Point :

FunkSec claimed over 85 victims in its first month, more than any other ransomware group during that period.…

Threat Research

FunkSec – Alleged Top Ransomware Group Powered by AI

January 11, 2025 Checkpoint

The FunkSec ransomware group emerged in late 2024, quickly gaining notoriety for claiming over 85 victims in December alone. Utilizing AI-assisted malware development, the group blurs the lines between hacktivism and cybercrime, complicating assessments of their true motivations and capabilities. Their operations raise questions about the authenticity of their claims and the reliability of current threat evaluation methods.…

Cyber Attack

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

January 10, 2025January 25, 2025 TheHackerNews

Summary: Cybersecurity researchers have identified a new AI-assisted ransomware group called FunkSec, which has targeted over 85 victims since its emergence in late 2024. The group employs double extortion tactics and operates under a ransomware-as-a-service model, with connections to hacktivist activities.

Threat Actor: FunkSec | FunkSec Victim: Various organizations | various organizations

Key Point :

FunkSec uses double extortion tactics, combining data theft with encryption to pressure victims.…

Threat Research

Emulating the Tenacious Ako Ransomware

January 10, 2025January 12, 2025 AttackIQ

Ako, also known as MedusaReborn, is a ransomware strain that operates under a Ransomware-as-a-Service model, targeting entire networks since January 2020. It shares similarities with MedusaLocker and employs various techniques for execution and encryption. Security teams are encouraged to validate their defenses against this threat using the AttackIQ Security Optimization Platform.…

Cyber Attack

Largest US addiction treatment provider notifies patients of data breach

January 10, 2025January 25, 2025 BleepingComputer

Summary: BayMark Health Services has reported a data breach that compromised personal and health information of patients due to unauthorized access by attackers between September 24 and October 14, 2024. The RansomHub ransomware gang has claimed responsibility for the breach, which involved the theft of approximately 1.5TB of sensitive data.…

Cyber Security News

How Nation-State Actors and Organized Hackers Engage in Cyber Attacks

January 8, 2025January 25, 2025 admin

The article explores the merging tactics of nation-state actors and organized cybercriminals, highlighting their shared methods and objectives in the evolving cyber threat landscape. It emphasizes the implications for global cybersecurity as both groups increasingly adopt similar strategies. Affected: Russia’s APT28, China’s APT10, Volt Typhoon, APT29, APT33, Lazarus Group, REvil, DarkSide, BianLian

Keypoints :

The distinction between nation-state actors and organized cybercriminals is becoming less clear.…

Cyber Attack

Top 5 Malware Threats to Prepare Against in 2025

January 8, 2025January 25, 2025 TheHackerNews

Summary: The content discusses high-profile cyber attacks in 2024, focusing on various malware families like Lumma, XWorm, AsyncRAT, Remcos, and LockBit, which pose significant threats to organizations. It emphasizes the importance of proactive analysis and preparation against these malware threats using tools like ANY.RUN’s Interactive Sandbox.…

Cyber Attack

Ransomware Targeting Infrastructure Hits Telecom Namibia

January 8, 2025January 25, 2025 DarkReading

Summary: Telecom Namibia experienced a significant ransomware attack by the group Hunters International, highlighting the increasing trend of cyberattacks on critical infrastructure in Africa. The incident led to the leak of customer data online, despite the company’s efforts to contain the threat and avoid paying a ransom.…

Cyber Security News

From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch

January 6, 2025January 25, 2025 TheHackerNews

Summary: In 2024, cyber threats targeting SaaS platforms surged dramatically, with significant increases in password attacks and phishing attempts resulting in billions in losses. Security teams must prioritize risk assessments and adopt monitoring tools to defend against evolving threats from notable cybercriminals.

Threat Actor: ShinyHunters | ShinyHunters Victim: Snowflake | Snowflake

Key Point :

ShinyHunters exploited a misconfiguration to breach over 165 organizations, emphasizing the importance of proper security measures.…

Ransom Monitor

Ransom! RaaS Open

December 31, 2024 Monitorman

Victim: RaaS Open Country : US Actor: funksec Source: http://7ixfdvqb4eaju5lzj4gg76kwlrxg4ugqpuog5oqkkmgfyn33h527oyyd.onion/RaaS.html Discovered: 2024-12-31 15:08:16.696583 Published: 2024-12-31 15:08:14.145881

Description : [AI generated] RaaS Open is a company focused on providing Robotics-as-a-Service solutions, streamlining automation for businesses across various industries. They offer customizable robotic systems that integrate seamlessly into existing operations, enhancing productivity and efficiency.…

Threat Research

Dark Web Profile: Trinity Ransomware

December 27, 2024 SocRadar

Trinity ransomware, identified in May 2024, employs a double extortion tactic that encrypts files and exfiltrates sensitive data. It utilizes the ChaCha20 encryption algorithm and has connections to earlier ransomware variants like Venus and Zeoticus. The healthcare sector is the most targeted, with the USA being the primary victim.…

Threat Research

Cato CTRL Threat Research: Sophisticated Data Exfiltration Tools Used in Double Extortion Ransomware Attacks by Hunters International and Play

December 26, 2024December 26, 2024 Catonetworks

Modern ransomware attacks have shifted to sophisticated double extortion tactics, where sensitive data is exfiltrated before encryption, increasing pressure on victims. The financial impact of these breaches is significant, with average costs reaching $4.88 million. Early detection of unusual internal data-copying activities is crucial for organizations to defend against these evolving threats.…

Ransom Monitor

Ransom! burri#####

December 25, 2024 Monitorman

Victim: burri##### Country : US Actor: clop Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion Discovered: 2024-12-24 23:05:07.654325 Published: 2024-12-24 23:05:07.654325

Description : Presumed victim name: Burris Logistics – Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.…

Ransom Monitor

Ransom! ruia#####

December 25, 2024 Monitorman

Victim: ruia##### Country : IN Actor: clop Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion Discovered: 2024-12-24 23:05:07.654325 Published: 2024-12-24 23:05:07.654325

Description : guessed victim name: Ruia Group – Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.…

Tag: RAAS