On May 7 2024, almost five years after it first appeared, the LockBit ransomware group finally got a human face. His name is Dmitry Khoroshev (aka ‘LockBitSupp’), alleged by the FBI and UK National Crime Agency (NCA) to be the platform’s administrator, the powerful figure who helped direct it to attack at least 7,000 organizations […]

If you’re a seasoned watcher of cybersecurity incidents, you’ll doubtless have heard an unhappy tale that’s similar to the following story many times before. In February 2024, hackers used compromised credentials to breach a Citrix desktop remote access portal belonging to a large company. Once inside the network, they moved laterally, opening a path for […]

Every organization that suffers a serious ransomware attack faces years of financial pain and reputational damage, or at least this is what we’re often told. While it’s true that the short-term costs of ransomware can be steep, there is less evidence about the longer-term costs that might follow behind. One measure is the effect on […]

Cybercriminals, it is widely observed, have a fondness for weekends. This is not by chance—at weekends organizations are short-staffed, making this the best time to launch a cyberattack. It’s a pattern that played out in a ransomware attack on the Romanian health system on Sunday, Feb. 11, that sent some of the country’s most important […]

What effect did last year’s high-profile police disruption of the world’s two foremost ransomware groups have on the wider criminal industry surrounding them? It’s been an open question ever since the infrastructure of ALPHV /BlackCat was targeted in December 2023, followed a few weeks later by a similar action against LockBit.  Eventually security companies, that […]