Ransomware Week

Ransomware attacks on local governments continue to cause disruptions, as seen with recent incidents targeting Dallas and Augusta, Georgia. Augusta’s mayor’s office confirmed a cyberattack but did not provide specifics. However, the BlackByte ransomware group claimed responsibility and leaked stolen data. Other attacks reported include German arms manufacturer Rheinmetall targeted by BlackBasta ransomware and ABB experiencing a data breach. The Cuba ransomware group initially claimed an attack on The Philadelphia Inquirer but later retracted when the data was proven unrelated. Security firms revealed new developments, such as ALPHV/BlackCat using a malicious Windows kernel driver, Iranian hackers introducing Moneybird ransomware, and Buhti ransomware employing leaked encryptors. A highly sought-after ransomware manual, released by Bassterlord, has been circulating, prompting network defenders and security professionals to study it for insights into breach tactics.