Western Digital Suffers Data Breach, Exposing Customer Information Western Digital, a major player in digital storage, has confirmed that its systems were breached by an unauthorized third party. During this incident, personal data belonging to customers of the company’s online store was compromised, raising significant concerns about data security and…
Cybercrime, Fraud Management & Cybercrime, Ransomware Chaos Theory Meets Ransomware, Creating Unpredictable Outcomes Mathew J. Schwartz (euroinfosec) • October 17, 2025 Image: Shutterstock Once predominantly a forte of Russian cybercriminals evading law enforcement, a surge in ransomware activity is now attributed to reckless teenagers from the West who operate under…
The U.S. Department of Justice (DoJ) has formally declared the disruption of the BlackCat ransomware operation, providing a decryption tool for over 500 victims affected by the malware. This intervention is seen as a significant step in combating ransomware threats that have plagued businesses across the globe. According to court…
The FBI has issued a warning regarding the BlackCat ransomware-as-a-service (RaaS), which has reportedly impacted at least 60 organizations globally since its debut in November 2021. This sophisticated malware, also referred to as ALPHV or Noberus, is notably the first ransomware developed using the Rust programming language, renowned for its…
In a significant legal development, U.S. prosecutors recently filed criminal charges against Thalha Jubair, a 19-year-old from the U.K., in connection with his alleged involvement as a central figure in Scattered Spider, a notorious cybercrime organization implicated in extortion schemes totaling over $115 million. These accusations, which emerged as Jubair…
Certainly! Here’s a rewritten version of the provided content tailored for a tech-savvy professional audience, focusing on clarity and factual reporting while incorporating relevant cybersecurity frameworks. Cyber Threat Landscape in 2024: Rising Challenges for SaaS Security As we approach the end of 2024, the cybersecurity landscape reveals a troubling surge…
In 2024, a total of 5,414 ransomware attacks occurred worldwide, representing an 11% increase compared to 2023. Following a gradual start, ransomware incidents surged in the second quarter and peaked in the fourth, accounting for 1,827 incidents—approximately 33% of the total for the year. Notably, law enforcement actions against prominent…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting ongoing exploitation in real-world scenarios. Among these, three high-severity flaws in Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) may allow attackers to execute privileged commands on the system. These vulnerabilities were addressed in a patch released by Veritas in March 2021.
A recent report from Google-owned Mandiant highlighted that an affiliate tied to the BlackCat (also known as ALPHV and Noberus) ransomware operation is utilizing these vulnerabilities for attacks.
CISA Alerts Businesses to Five Critical Security Vulnerabilities: Immediate Response Needed On April 10, 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory concerning five newly identified security vulnerabilities now included in its Known Exploited Vulnerabilities (KEV) catalog. This addition is backed by evidence indicating active…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting ongoing exploitation in real-world scenarios. Among these, three high-severity flaws in Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) may allow attackers to execute privileged commands on the system. These vulnerabilities were addressed in a patch released by Veritas in March 2021.
A recent report from Google-owned Mandiant highlighted that an affiliate tied to the BlackCat (also known as ALPHV and Noberus) ransomware operation is utilizing these vulnerabilities for attacks.
Microsoft Flags Storm-0501 as a Significant Threat in Hybrid Cloud Ransomware Operations
September 27, 2024
Ransomware / Cloud Security
Microsoft has identified the cyber group Storm-0501 as a noteworthy threat, targeting key sectors such as government, manufacturing, transportation, and law enforcement in the United States. Their sophisticated, multi-stage attack strategy is designed to infiltrate hybrid cloud environments, allowing attackers to move laterally from on-premises systems to the cloud. This approach leads to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. According to Microsoft’s threat intelligence team, Storm-0501 operates as a financially driven cybercriminal organization, utilizing both commodity and open-source tools for their ransomware activities. Active since 2021, they initially focused on educational institutions with the Sabbath ransomware before transitioning to a ransomware-as-a-service (RaaS) model, distributing various ransomware variants including Hive, BlackCat (ALPHV), Hunters International, LockBit, and Embargo ransomware.
Microsoft Flags Storm-0501 as Significant Threat in Hybrid Cloud Ransomware Incidents On September 27, 2024, Microsoft announced a notable increase in ransomware attacks orchestrated by the threat actor known as Storm-0501, which has predominantly targeted integral sectors such as government, manufacturing, transportation, and law enforcement across the United States. This…
Microsoft Flags Storm-0501 as a Significant Threat in Hybrid Cloud Ransomware Operations
September 27, 2024
Ransomware / Cloud Security
Microsoft has identified the cyber group Storm-0501 as a noteworthy threat, targeting key sectors such as government, manufacturing, transportation, and law enforcement in the United States. Their sophisticated, multi-stage attack strategy is designed to infiltrate hybrid cloud environments, allowing attackers to move laterally from on-premises systems to the cloud. This approach leads to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. According to Microsoft’s threat intelligence team, Storm-0501 operates as a financially driven cybercriminal organization, utilizing both commodity and open-source tools for their ransomware activities. Active since 2021, they initially focused on educational institutions with the Sabbath ransomware before transitioning to a ransomware-as-a-service (RaaS) model, distributing various ransomware variants including Hive, BlackCat (ALPHV), Hunters International, LockBit, and Embargo ransomware.
