EN
DE
BeforeCrypt Blog
Latest posts
News Week: November 17th to November 23rd, 2025
Pennsylvania Attorney General Confirms Major Data Exposure After August Attack In November 2025, the Pennsylvania Office of the Attorney General officially acknowledged that an August breach led to the theft of sensitive personal and medical information. The intrusion, later claimed by the INC Ransom group—an active RaaS (ransomware-as-a-service) operation — resulted in files containing names, […]
24.11.2025
Sarcoma Ransomware
Originally discovered in 2021, the Sarcoma ransomware variant remains a significant threat today. In particular instances, Sarcoma struck the ABC Business and the XYZ Hospital group, causing substantial disruption and data loss. This ransomware not only encrypts victim data but also steals sensitive information, risking further exposure on leak sites. Category Details Ransomware Name Sarcoma […]
20.11.2025
SafePay Ransomware
SafePay Ransomware, a ransomware variant first discovered in late 2020, presents a substantial threat to businesses and individual users today due to its aggressive encrypting capability and high persistence. There have been several reports of this malware attacking various public and private entities worldwide. For instance, the ransomware was thorough in its onslaught against a […]
20.11.2025
ShinySp1d3r Ransomware
First detected in May 2021, the ShinySp1d3r Ransomware remains a significant threat to this day. Despite its relative newness, it’s already been responsible for two major public incidents, the hospital attack and a cybersecurity firm breach. Information on ShinySp1d3r Ransomware Category Details Ransomware Name(s) ShinySp1d3r Ransomware First Detected/Reported May 2021 Targeted Operating Systems Windows File […]
20.11.2025
News Week: November 10th to November 16th, 2025
Guilty Plea in U.S. Case Against Yanluowang Access Broker A Russian national has agreed to plead guilty to acting as an initial access broker for the Yanluowang ransomware operation, providing network entry points to attackers who later launched targeted intrusions across several U.S. companies between 2021 and 2022. FBI investigators uncovered key evidence through server […]
17.11.2025
News Week: November 3rd to November 9th, 2025
Cybersecurity Experts Charged for Involvement in BlackCat Ransomware Attacks In a striking turn of events, three former cybersecurity professionals from DigitalMint and Sygnia have been charged for their alleged participation in BlackCat ransomware operations. Prosecutors claim the defendants acted as affiliates of the notorious ransomware gang, infiltrating company networks, stealing sensitive data, and deploying encryption […]
12.11.2025
CiphBit Ransomware
CiphBit ransomware, first discovered in 2020, continues to pose a significant risk due to its uncrackable encryption and persistence in victims’ networks. Two notable incidents include the attack on Travelex currency exchange in January 2020 and the crippling of hospital systems in the Universal Health Services network in the U.S in September 2020. This ransomware […]
09.09.2025
News Week: July 28th to August 3rd, 2025
Remote Code Execution in PaperCut Software Draws Ransomware Gang Interest A recently patched remote code execution (RCE) flaw in PaperCut NG/MF (CVE-2023-2533) is now actively exploited, prompting CISA to urge immediate action. The bug enables attackers to change security settings or run arbitrary code if an authenticated admin clicks a crafted link, often via cross-site […]
04.08.2025
News Week: July 21st to July 27th, 2025
Over 1,000 CrushFTP Servers Exposed to Zero-Day Exploit and Ransomware Threats More than 1,000 CrushFTP servers remain vulnerable to a critical zero-day flaw, putting them at risk of hijack attempts and data breaches. The issue, tracked as CVE-2025-54309, stems from improper AS2 validation and affects all versions below 10.8.5 and 11.3.4_23. While a fix has […]
28.07.2025
News Week: July 14th to July 20th, 2025
Interlock Ransomware Leverages FileFix and RDP in New Attack Wave Interlock ransomware has recently adopted a stealthier attack method known as FileFix to deliver remote access trojans (RATs) onto victims’ systems. This method manipulates Windows elements like File Explorer to trick users into pasting disguised PowerShell commands, which then download malware hosted on platforms like […]
21.07.2025
News Week: July 7th to July 13th, 2025
Chinese National Arrested in Italy for Links to Silk Typhoon Cyberespionage A Chinese citizen was arrested at Milan’s Malpensa Airport earlier this month on suspicion of ties to Silk Typhoon, a state-backed hacking group also known as Hafnium. The 33-year-old suspect, Xu Zewei, was apprehended on a U.S. international warrant and is believed to be […]
14.07.2025
News Week: June 30th to July 6th, 2025
Ransomware Attack on Radix Impacts Swiss Government Offices A ransomware breach targeting the Swiss non-profit Radix has compromised sensitive data from multiple federal agencies. The attack was carried out by the Sarcoma group, which exploited phishing tactics, outdated vulnerabilities, and notably Remote Desktop Protocol (RDP) access to infiltrate the system. After stealing and encrypting the […]
11.07.2025
Lynx Ransomware
Lynx Ransomware: The Hidden Predator The Lynx Ransomware was first reported in November 2020 and has been posing a significant threat since. One of the notable victims of this ransomware includes Canadian healthcare service provider ‘LifeLabs’, leading to temporary suspension of its services. In another incident, the Bulgarian National Revenue Agency (NRA) fell prey to […]
04.07.2025
Top Cyber Insurance Executives Gather at Finlex Summit 2025: BeforeCrypt Shares Expertise
Imagine this: It’s 3 AM on a Tuesday. Your production systems are frozen. A skull and crossbones fills every computer screen in your facility. Your 150 employees can’t work. Your customers are calling. And a message demands $2.5 million in Bitcoin to unlock everything. This isn’t a nightmare – it’s Monday morning for too many […]
23.06.2025
Interlock Ransomware
Discovered in mid-2019, InterLock Ransomware has emerged as a sinister cyber threat. The risk factor surrounding this ransomware variant remains high, especially for Windows users. In March 2020, it struck more than 50 school districts in the US causing long-term damage. Another high-profile incident took place in the same month when it breached the network […]
06.06.2025
SilentRansomGroup
Unlock the Secrets of SilentRansomGroup: A Rising Threat in the Ransomware Landscape First identified in early 2023, SilentRansomGroup has rapidly gained attention within cybersecurity circles as a notable threat actor employing sophisticated encryption techniques. Their malware campaigns have targeted various industries worldwide, making them a medium to high-risk concern for organizations seeking to protect their […]
13.05.2025