Bulletproof hosting providers renting cheap infrastructure to supply virtual machines to ransomware hackers

Most high-profile ransomware groups were using the same Russian-based infrastructure for years ...
Bleeping Computer

FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024

A new report by the Financial Crimes Enforcement Network (FinCEN) shows that ransomware activity peaked in 2023 before falling in 2024, following a series of law enforcement actions targeting the ...

N.J. health system agrees to pay $4.5M in data breach settlement

Capital Health, a health care provider with multiple locations in New Jersey and Pennsylvania, will pay $4.5 million as part of a settlement over a 2023 data breach that compromised the private ...
Dark Reading

Threat Actor Tied to LockBit Ransomware Targets Fortinet Users

Since January, threat actors have been exploiting two Fortinet vulnerabilities tracked as CVE-2024-55591 and CVE-2025-24472 to deploy SuperBlack ransomware. It's believed that the threat actor, dubbed ...
Cybernews

Bulletproof hosting reused Windows images, masking ransomware infrastructure

New Sophos research reveals how reused Windows images let bulletproof hosting providers spin up thousands of identical servers, obscuring ransomware attribution.