His name is Guan Tianfeng and in December 2024 the US State Department’s Rewards for Justice campaign placed a reward of up to $10 million for anyone offering information on his whereabouts. Guan Tianfeng, it is alleged, masterminded an April 2020 attack on Sophos XG firewalls using an exploit for a zero-day vulnerability later hastily […]
When ransomware strikes, the first question every security team asks themselves is how the attackers got inside what was supposed to be a well-defended network. These days, the question is asked within minutes of the attack being discovered, and for good reason. Without understanding the weakness that led to an attack, resolving it is a […]
Ransomware’s history is littered with threat actors that rise and fall but every now and then a new name appears that grabs people’s attention for the wrong reasons. RansomHub, a ransomware-as-a-service (RaaS) platform which seems to have successfully recruited affiliates from the downed BlackCat and Lockbit groups during 2024, is the latest example of this […]
When ransomware visits your network, resolve to build it back better. And if you’re tempted to pay the ransom, don’t. That money is better spent on new defenses to prevent a repeat incident. These are some of the takeaways from a remarkable British Library report, Learning Lessons From The Cyberattack, that analyzes the paralyzing ransomware […]
Imagine an everyday ransomware attack on a U.S. city that results in sensitive data being leaked weeks later when the large ransom demanded is not paid. Now imagine that the mayor of that city denies that the leaked data was as bad as it appeared, asserting in a press conference that the stolen data was […]
The precise origins of today’s ransomware are still up for debate but there is no doubt that a piece of malware called Reveton, which first emerged in 2012, was an important moment. The world has a chance to re-assess this malware’s significance with the news that its alleged creator, Maksim Silnikau, was arrested in Spain […]
