Play ransomware actors have been using a previously undocumented exploitation method for the ProxyNotShell Exchange flaws.
Researchers have found a malicious driver signed by Microsoft used in the lead up to Hive and Cuba ransomware deployments.
The Hive ransomware has victimized 1,300 companies globally as of November, in particular targeting healthcare sector organizations, according to U.S. federal agencies in a new advisory.
A 33-year-old dual Russian and Canadian national was arrested this week for allegedly participating in LockBit ransomware attacks.
Researchers at SentinelLabs have identified several links between the Black Basta ransomware actors and the FIN7 cybercrime group.