Darkside Ransomware | Breaking Cybersecurity News | The Hacker News

Just as Colonial Pipeline  restored  all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure. All the dark web sites operated by the gang, including its DarkSide Leaks blog, ransom collection site, and breach data content delivery network (CDN) servers, have gone dark and remain inaccessible as of writing. In addition, the funds from their cryptocurrency wallets were allegedly exfiltrated to an unknown account, according to a note passed by DarkSide operators to its affiliates. "At the moment, these servers cannot be accessed via SSH, and the hosting panels have been blocked," the  announcement  obtained by Intel 471 read. The development comes as DarkSide closed its Ransomware-as-a-Service (RaaS) affiliate program for good "due to the pressure from the U.S.", with the group stating th...

Colonial Pipeline , which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack,  once again demonstrating  how critical infrastructure is vulnerable to cyber attacks. "On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack," the company  said  in a statement posted on its website. "We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems." Colonial Pipeline is the largest refined products pipeline in the U.S., a 5,500 mile (8,851 km) system involved in transporting over 100 million gallons from the Texas city of Houston to New York Harbor. Cybersecurity firm FireEye's Mandiant incident response division is said to be assisting with the investigation, according to reports from  B...

Find out how Reco keeps Microsoft 365 Copilot safe by spotting risky prompts, protecting data, managing user access, and identifying threats - all while keeping productivity high. Microsoft 365 Copilot promises to boost productivity by turning natural language prompts into actions. Employees can generate reports, comb through data, or get instant answers just by asking Copilot.  However, alongside this convenience comes serious security concerns. Copilot operates across a company's SaaS apps (from SharePoint to Teams and beyond), which means a careless prompt or a compromised user account could expose troves of sensitive information.  Security experts warn that organizations shouldn't assume default settings will keep them safe. Without proactive controls, every file in your organization could be accessible via Copilot. A malicious actor might use Copilot to discover and exfiltrate confidential data without having to manually search through systems. With the right prom...