Successful ransomware attacks reported in July totaled 198, which was 47% higher than in June, with the increase largely attributed to ransomware-as-a-service groups, Threatpost reports.
Most of the attacks were conducted by the Lockbit ransomware gang, with a total of 62 attacks last month, which was an increase of 10 from June, according to a report from NCC Group. Meanwhile, Hiveleaks with 27 attacks and BlackBasta with 24 attacks were the second and third most active groups, respectively, representing a 440% and 50% increase in number of attacks from June.
"Lockbit 3.0 maintain their foothold as the most threatening ransomware group and one with which all organizations should aim to be aware of," wrote researchers.
NCC Group noted that attacks have begun increasing as ransomware groups finalized their reorganization following the U.S. government's efforts to disrupt Conti ransomware in May, and further increases are expected this month.
"It is likely that the threat actors that were undergoing structural changes. and have begun settling into their new modes of operating, resulting in their total compromises increasing in conjunction," said researchers.
Hamas spokesperson Hudhayfa Samir Abdallah al-Kahlut, also known as "Abu Ubaida," has been sanctioned by the U.S. Treasury Department for his leadership of the group's cyber influence operations, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but investigation into whether any of its data was compromised is still underway.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.