Back to articles

Tag archive

#ransomware

I
Jul 16, 2026

INC_RANSOM Ransomware Targets Miami Law Firm

The INC_RANSOM ransomware group has listed Golden Glasko Haddy and Associates, a Miami-based law firm, as a victim on its dark web leak site. The posting, which appeared on July 14, 2026, is part of a double-extortion campaign where the attackers claim to have stolen internal files and threaten to release them to pressure the firm into paying a ransom. The firm, which specializes in estate and probate law, has not yet commented on the attack or the potential exposure of sensitive client data.

Jul 16, 20264 min read0 reactions0 comments
C
Jul 16, 2026

Chaos Ransomware Claims Attack on Aphena Pharma Solutions

The Chaos ransomware group has claimed an attack on Aphena Pharma Solutions, a U.S.-based pharmaceutical contract manufacturer. The group listed the company on its dark web leak site on July 14, 2026, alleging the theft of 142 GB of 'critical corporate data,' including sensitive financial documents. The attackers claim to have gained full access to the company's infrastructure, employing a double-extortion strategy by threatening to leak the stolen information.

Jul 16, 20264 min read0 reactions0 comments
S
Jul 16, 2026

Sophos Report: Identity Attacks Overtake Exploits in Ransomware

According to the Sophos 'State of Ransomware 2026' report, compromised identities are now the primary root cause of ransomware attacks, accounting for 79% of incidents. For the first time in four years, malicious email and phishing have surpassed software vulnerability exploitation as the top initial access vector. The report, which surveyed over 2,100 victims, highlights a strategic shift by attackers towards identity-based tactics, even as the average total cost to recover from an attack climbs to $1.7 million.

Jul 16, 20264 min read0 reactions0 comments
D
Jul 16, 2026

Deutsche Bank Confirms Third-Party Breach After Ransomware Claim

Deutsche Bank has acknowledged a cybersecurity incident at a third-party service provider following claims from the 'Unsafe' ransomware group. The group posted data on its leak site allegedly stolen from the bank, including employee records. Deutsche Bank asserts that its own internal systems were not compromised and that the incident was contained to an external marketing vendor in Germany. The event highlights the significant supply chain risks facing large financial institutions.

Jul 16, 20264 min read0 reactions0 comments
U
Jul 14, 2026

US Treasury Sanctions First VPN Service for Ransomware Support

The U.S. Treasury Department has sanctioned First VPN Service (1VPNS), its Ukrainian administrator Dmytro Rashevskyi, and a Belarusian malware 'cryptor' seller, Yegeniy Silayev, for their roles in facilitating ransomware attacks. Announced on July 13, 2026, the sanctions target 1VPNS for providing anonymous infrastructure used by numerous ransomware groups to attack U.S. critical infrastructure, including hospitals and financial services. The action, coordinated with the UK and FBI, follows a May 2026 takedown of 1VPNS infrastructure and aims to disrupt the cybercriminal ecosystem by targeting its key service providers.

Jul 14, 20263 min read0 reactions0 comments
A
Jul 14, 2026

Akira Ransomware Group Targets US Marketing Firm Ironmark

The Akira ransomware group has claimed responsibility for a cyberattack on Ironmark, a U.S.-based marketing and communications provider. On July 13, 2026, the group added Ironmark to its dark web leak site, threatening to release 190GB of stolen data. The compromised information allegedly includes sensitive employee PII such as passports, as well as corporate financial records, client contracts, and NDAs. This attack is consistent with Akira's typical double-extortion strategy of encrypting data while also exfiltrating it to pressure victims into paying a ransom.

Jul 14, 20264 min read0 reactions0 comments