On May 7, 2024, the United States unsealed an indictment against Dmitry Yuryevich Khoroshev, one of the leaders of the Russian-based ransomware group LockBit, for his alleged involvement in developing and distributing the LockBit ransomware. According to the indictment, Khoroshev performed both administrative and operational roles for the cybercrime group, including upgrading the LockBit infrastructure, […]
Ransomware
National Cyber Security Centre Forecasts Upcoming Cyber Threats with AI Use for Attacks
On January 24, 2024, the U.K.’s National Cyber Security Centre (NCSC) released a new report, The near-term impact of AI on the cyber threat, detailing how Artificial Intelligence (AI) will impact the effectiveness of cyber operations for 2025 and beyond. According to the report, threat actors are already using AI in cyber attacks and the […]
FBI Develops Decryption Tool to Combat Blackcat Ransomware
On December 19, 2023, the Justice Department (“DOJ”) announced a disruption campaign against the Blackcat ransomware group. In the same press release, they also stated that the Federal Bureau of Investigation (“FBI”) had developed a decryption tool to combat ALPHV/Blackcat’s ransomware variant. Over the last couple of years, Blackcat’s ransomware has risen in popularity and […]
Ransomware Group, in Midst of Extortion Attempt, Files Regulatory Notice with SEC
Just a month before the Security and Exchange Commission’s (“SEC’s”) Material Cybersecurity Incidents Rule is set to take effect, a ransomware group has apparently taken compliance with reporting requirements into its own hands. On November 15, 2023, the ransomware group known as BlackCat (also known as “AlphV”) posted a notice on its leak site alleging […]
FBI Cautions Organizations on Dual Ransomware Attacks
The Federal Bureau of Investigation (FBI) issued a Private Industry Notification on September 27, 2023, highlighting two concerning ransomware trends and providing companies with guidance on mitigating potential threat actor activity. As of July 2023, the FBI observed multiple ransomware attacks where two attacks against the same victim involving different ransomware variants are deployed often […]