
Malware

RansomHub: The New Kid on the Block to Know

The ransomware group RansomHub has emerged as a significant player in the ransomware landscape, making bold claims and substantiating them with data leaks. It emerged after the Federal Bureau of Investigation (FBI) disrupted ALPHV’s ransomware operation on December 19, 2023. There are assumptions that RansomHub is the “spiritual successor” of the ALPHV group and operates with the help of former ALPHV affiliates.

Chameleon Malware Poses as CRM App

Researchers at ThreatFabric warn that a phishing campaign is distributing the Chameleon Android malware by impersonating a Customer Relationship Management (CRM) app. The campaign is currently targeting users in Canada and Europe, but may expand to other regions. “The naming used for the dropper and the payloads clearly shows that the intended victims of the campaign are hospitality workers and potentially B2C business employees in general,” ThreatFabric says.

Double Extortion Ransomware: What It Is and How To Avoid It

Double extortion ransomware is a type of cyber attack in which cybercriminals steal sensitive data and encrypt it. Then, cybercriminals threaten to release the stolen data unless the victim pays a ransom. The additional threat of exfiltration makes this type of cyber attack particularly damaging for organizations, as they face the risk of sensitive data being exposed to the public or sold on the dark web.

The Most Recent Malware Attacks on Companies in 2024

2024 has been quite the year for malware attacks. So far this year, major companies like Change Healthcare, Ticketmaster, Ascension Hospital, ABN AMRO and CDK Global have all been affected by malware attacks. Keep reading to learn more about each of these major malware attacks and how your company can protect itself from malware attacks.

Updated SafeBreach Coverage for US CERT Alert AA23-061A - BlackSuit (Royal) Ransomware

On August 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an update to an existing advisory (AA23-061A) highlighting new TTPs being leveraged by the recently rebranded “Royal” ransomware gang – now known as BlackSuit. Detailed information about this threat and the associated IOCs and TTPs can be seen on #StopRansomware: Blacksuit (Royal) Ransomware.

Rubrik Named Five Times A Leader and Five Times Furthest in Vision: We Believe a Testament to Cyber Resilience

I am proud to announce that Rubrik has been recognized as a leader not just once but five consecutive times – we believe this is a testament to our vision and commitment to cyber resilience. This recognition in the Gartner Magic Quadrant for Enterprise Backup and Recovery Solutions (EBRSS) is a significant milestone for us, and it reaffirms our dedication to empowering organizations to navigate the complexities of data security and protect against evolving cyber threats.

SEC Report Provides Insight into Key Tronic Ransomware Costs Totaling Over $17 Million

The financial repercussions of the May 2024 ransomware attack on the electronics manufacturing services firm Key Tronic underscore just how costly these attacks are. Key Tronic makes parts for a number of sectors, including computer, telecom, medical, industrial, automotive and aerospace. They were struck in May with a ransomware attack by Black Basta, which claimed to have stolen 500 GB of data.

SharpRhino RAT: Hunters International's Latest Weapon in Cyber Attacks

In a notable development in the cybersecurity landscape, the emerging threat group known as Hunters International has added a novel remote access Trojan (RAT) to its arsenal. This group, which has quickly ascended the ranks of ransomware operators, is using the RAT, dubbed SharpRhino, to target IT professionals. Disguised as a legitimate network administration tool, SharpRhino facilitates initial access and persistence on targeted networks, setting the stage for ransomware attacks.