My "big picture" take on the LockBit disruption this week is now live. We are seeing more frequent law enforcement action against all sorts of cybercrime groups and I think we need to step back and take stock of what is working and what isn't so we put our energies where they are likely to achieve the best outcomes.
I hope #Lockbit encourages ransomware crews to call it a day and cash out. You had a good run, who needs lambos? - buy farm! just chill and spend rest of life having nazi dom fantasy and arguing on habr which DoTA hero are actually related and no Lina and Rylai aren't - they're gay.. G. A. Y...
One of the largest unions in California confirmed this week that it is dealing with network disruptions due to a cyber incident following claims of an attack last month by LockBit
Rapid7 found notable similarities between BlackHunt ransomware and LockBit, which suggested that it uses leaked code of Lockbit. In addition, it uses some techniques similar to REvil ransomware. Rapid7 provided a technical analysis of a BlackHunt sample, describing functionalities and MITRE ATT&CK techniques. IOC provided.
🔗 https://www.rapid7.com/blog/post/2024/02/05/exploring-the-not-so-secret-code-of-blackhunt-ransomware-2/
Proving once again what lying bastards they are, #LockBit hit St. Anthony Hospital (Chicago) on December 18 and exfiltrated some patient data. The hospital hasn't confirmed how much yet, and they make no mention of any #encryption of files. LockBit seems to be demanding $800k ransom/extortion to delete the files.