Read also: Global law enforcement op strikes West African cybercrime, the Astrostress operator gets a prison sentence, and more.

The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously estimated, Cybersecurity Dive reports. The incident has already cost the firm nearly $2 billion.

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment. Security researchers at Halcyon have uncovered a new ransomware threat group that initially follows traditional methods – harvesting admin credentials, data exfiltrated to a C2 server, logs cleared and data was encrypted using LukaLocker. However, Volcano Demon attacks take a different direction in the extortion phase.

The ViperSoftX info-stealing malware has evolved, now utilizing the common language runtime (CLR) to covertly execute PowerShell commands within AutoIt scripts. This sophisticated approach allows ViperSoftX to bypass traditional security measures and remain undetected, posing a significant threat to cybersecurity. Leveraging CLR and AutoIt for Stealth Operations CLR, a core component of Microsoft’s.NET Framework, functions as the execution engine for.NET applications.

In a startling development, the Akira ransomware gang has demonstrated a dramatic reduction in the time it takes to exfiltrate data from compromised servers. According to the BlackBerry Threat Research and Intelligence Team, this cybercriminal group managed to steal data from a Veeam server in just over two hours during a June attack on a Latin American airline.

The CDK Global ransomware attack was first reported in June 2024. Ransomware infected CDK Global, a software vendor that serves thousands of North American car dealerships. This ransomware attack affected over 10,000 U.S. car dealerships, their employees and their customers.

APT40 rapidly exploits network vulnerabilities, CloudSorcerer APT targets Russian organizations, and Eldorado threatens Windows and Linux systems.

A new strain of the HardBit ransomware has emerged in the wild. It contains a protection mechanism in an attempt to prevent analysis from security researchers.

Government agencies worldwide are entrusted with safeguarding sensitive data and facilitating seamless operations across various critical infrastructure sectors. However, this pivotal role puts them in threat actors’ sights – from cybercriminals to politically motivated entities to state-sponsored actors from other parts of the world.

According to the filing, the organization in question failed to devise controls to adequately detect, respond to, and disclose an attack that included data exfiltration and service disruption. Back in 2021, R.R. Donnelley & Sons Co.