Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. “This week, law enforcement authorities took action aga

The sudden move by Russia's top law enforcement agency to conduct a very public takedown of the REvil ransomware operation has set tongues wagging about how diplomacy may hold the key to slowing big-game ransomware attacks.The sting operation, which was followed by a carefully crafted announcement that it was done “at the request of the United States,” comes

Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors.The disruptive joint action was coordinated by Europol and took place on January 17, 2022. It involved simultaneous law enforcement actions in Germany, the Netherlands, Canada, the Czech Republic, France, H

Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago.In late November 2020, Netgain, which provides managed IT services to organizations in sectors such as accounting, healthcare, and legal, fel

Eight members of the REvil ransomware group have been arrested in Russia and will be pressed with criminal charges. Russia’s intelligence bureau, the FSB, announced on Friday that it had conducted an operation together with the Interior Ministry in Moscow, St. Petersburg, and the regions of Moscow, Leningrad and Lipetsk to detain the gang members.

Last week on Malwarebytes Labs: Ransomware cyberattack forces New Mexico jail to lock downSome Android users can disable 2G now and why that is a good thingPhishers on the prowl with fake parking meter QR codesUpdate now: Microsoft patches 97 bugs including 6 zero-days and a wormable oneSoftware engineer hacked webcams to spy on girls—Here’s how to protec

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020, it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files.

Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.Starting January 13th, Microsoft detected the new attacks that combined a destructive MBRLocker with a data-corrupting malware used to destroy the victim's data intentionally.A two-stage attack destroys dataMicrosoft

QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new wave of Qlocker ransomware it targeting QNAP NAS devices worldwide, the new campaign started on January 6 and it drops ransom notes named !!!READ_ME.txt on infected devices. In May, the Taiwanese vendor QNAP warned its customers of up

Can Ransomware Infect Cloud Storage? January 16th, 2022 No Comments Cloud Security, Ransomware Over the last few years, many businesses and individuals have opted to move their data to cloud storage. Options like Dropbox, Microsoft OneDriv

Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide.Qlocker has previously targeted QNAP customers in a massive ransomware campaign that started during the week of April 19, moving victims' files within password-protected 7-zip archives with the .7z extension after breach

Eight members of the REvil ransomware operation that have been detained by Russian officers are currently facing criminal charges for their illegal activity.On Friday, the Federal Security Service (FSB) of the Russian Federation - the country’s domestic intelligence service, announced raids at the homes of 14 individuals suspected to be part

A senior Biden administration official said that the one of the Russian hacker arrested by FSB was behind the Colonial Pipeline attack. Yesterday, the Russian Federal Security Service (FSB) announced to have dismantled the REvil ransomware operation and arrested 14 alleged members of the gang. The group that is behind a long string of attacks against la

Today, the Russian government announced that they arrested fourteen members of the REvil ransomware gang on behalf of US authorities.While the ransomware gang members are only being charged with "illegal circulation of means of payment," the arrests are the first public action by Russia to stem the activities of ransomware gangs operating within the country.

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believ