Ransomware Attacks Hit A Record High

Uploaded on 2023-11-02 in NEWS-Cybersecurity News, FREE TO VIEW

The number of successful ransomware attacks is increasing, according to the NCC Group who monitor criminal data leak websites,  listing ransom 514 victims in September 2023. This breaks the record set in July this year, when criminal forums on the Dark Web listed 502 victim organisations.

Evidence from these sites is considered reliable, with the US still the most attacked country.

A new ransomware gang Rhysida runs as a ransomware-as-a-service operation, according to research from Kaspersky. Notably, Rhysida has a unique self-deletion mechanism which works on current on older versions of MS Windows.

Several technology companies have confessed to being ransom victims, including Cloudflare and the password management specialist, LastPass. Recently. VMware urged users to patch their software to fix multiple vulnerabilities. The notice was later updated with a warning that threat actors now have exploit code to take advantage of an unpatched server.

Intrusive Data Collection

The increased threat to users is not limited to criminal  ransom exploits. Intrusive collection of personal user data by legitimate apps is also increasing. According to research published by crypto experts at The Money Mongers, Meta's new App Threads, designed as a competitor to TwitterX  is the most invasive of the 100 apps it studied. The other apps reviewed include Instagram, Facebook, Messenger, LinkedIn and Uber Eats.

According to this research, Threads collects as much as 86 per cent of its users’ personal data, a particular concern when around half of all the apps studied share their user data with third parties.

That may be defensible on the basis that in almost every case legitimate apps ask users to consent to their data being used for financial gain, however.  its doubtful that many users read the full terms & conditions before giving their consent.

NCC Group:    Kaspersky:    US Justice Dept:    ITWorld Canada:   Securelist:      MoneyMongers

Image: fernando arcos

You Might Also Read:

Cyber Risk & Ransomware In 2023:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Online Conflict In Gaza & Ukraine
Major Outage: British Library Suffers A Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Trust Guard

Trust Guard

Trust Guard services provide complete security for your website.

Optiv

Optiv

Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center (MCC)

Maritime Cybersecurity Center is a not-for-profit organization focused on regional cybersecurity excellence and readiness, with a special emphasis on the maritime community.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

TorGuard

TorGuard

TorGuard is a Virtual Private Network services provider offering secure encrypted access to the internet.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions provides advanced, innovative data security solutions for enterprises, professionals and individuals.

Evalian

Evalian

Evalian is a data protection services provider. Working with organisations of all sizes, we specialise in Data Protection, GDPR, ISO Certification & Information Security.

Cyphere

Cyphere

Cyphere is a cyber security company that helps to secure most prized assets of a business. We provide technical risk assessment (pen testing/ethical hacking) and managed security services.

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

Dectar

Dectar

Dectar (formerly 4Securitas) is a cybersecurity company that provides solutions that predict, detect, defend and react against cybersecurity threats.

Prevasio

Prevasio

Prevasio is a next-gen Cloud Security Posture Management (CSPM) with a built-in Vulnerability and Anti-Malware Scan for Containers.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Finlaw Associates

Finlaw Associates

Finlaw Associates is a trusted cybercrime law firm providing a wide range of taxation, legal, advisory and regulatory services to the financial, commercial and industrial communities.