ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and d
‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
The FBI says First VPN has been used by dozens of ransomware groups for network reconnaissance and intrusions. The post ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested appeared first on SecurityWeek.
Global law enforcement operation takes First VPN offline
Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a
Authorities Have Taken Down “First VPN” Used in Ransomware Attacks
In a major international law enforcement success, authorities from seven countries dismantled First VPN, a criminal virtual private network linked to global cybercrime, during a coordinated operation on May 19 and 20, 20
Police op targets VPN service favoured by ransomware gangs
<p>A <a href="https://www.techtarget.com/searchnetworking/definition/virtual-private-network" target="_blank" rel="noopener">virtual private network</a> (VPN) favoured by cyber criminals to mask data exfiltration, fraud
Police seize “First VPN” service used in ransomware, data theft attacks
A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]
Ransomware-Trends 2026: Weniger Hackergruppen – dafür brutal effizient
Cyberkriminelle agieren 2026 gezielter, schneller und professioneller als je zuvor. Das zeigt der Ransomware Report Q1 2026 von Check Point Software Technologies.
WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files
A ransomware strain called WantToCry has been targeting businesses by abusing a widely used file-sharing protocol to encrypt files without dropping any malware on the victim’s system. The attacks mark a notable shift in
Exploits lösen Zugangsdaten als Einfallstor ab
Schwachstellen-Exploits sind laut dem neuen Verizon Data Breach Investigations Report (DBIR) 2026 erstmals der häufigste Einstieg in Unternehmensnetze, gestohlene Zugangsdaten verlieren an Boden. Gleichzeitig wachsen Ran
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. [...]
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromisi
Grafana GitHub Breach Linked to TanStack npm Supply Chain Ransomware
Grafana Labs has disclosed a targeted ransomware-linked breach of its GitHub environment, traced to a broader TanStack npm supply chain compromise associated with the “Mini Shai-Hulud” campaign. The incident, detected on
Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
Verizon’s 2026 DBIR finds vulnerability exploitation has overtaken credential abuse as the leading breach vector, as AI accelerates attacks, patching delays worsen, and ransomware and third-party compromises continue to
Cybercrime service disrupted for abusing Microsoft platform to sign malware
Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware gangs and other cybe
The Gentlemen Ransomware Attacks Windows, Linux, NAS, BSD, and ESXi Attacks
A ransomware group called The Gentlemen has been quietly building one of the most aggressive cybercriminal operations seen in recent years. Emerging publicly in the second half of 2025, the group rapidly scaled its activ
Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’
Fox Tempest provides a service that cybercriminals use to distribute ransomware and other malware disguised as legitimate software. The post Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’ appeared firs
Exposing Fox Tempest: A malware-signing service operation
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious code
Cyber-Erpressung treibt Mittelständler in die Insolvenz
Laut BSI richten sich die meisten Ransomware-Angriffe gegen den Mittelstand. Die Folgen sind existenziell: Unternehmen wie Fasana oder die Einhaus-Gruppe wurden durch Cyberangriffe in die Insolvenz getrieben. Gleichzeit
Ransomware-Druck auf IT-Abteilungen ist enorm
Trotz besserer Abwehrmaßnahmen und sinkender Lösegeldzahlungen wächst laut Sophos der Druck durch Ransomware auf IT-Abteilungen aufgrund fehlendem Personal und Ressourcen. Effektive Verteidigung erfordere technische, or
Absolute Immutability als letzte Verteidigungslinie beim größten digitalen Event der Welt
Im Gastbeitrag ordnet Daniel Fried, Senior Vice President EMEA bei Object First, ein, warum Ransomware-Angriffe auf Event-Infrastrukturen zunehmend auf maximale Störung statt auf Lösegeldzahlungen zielen; und weshalb