#Schuldigitalisierung ohne #Cybersecurity: Ende Januar 2025 griff ein Ableger der #Lockbit-#Ransomware den rheinland-pfälzischen IT-Dienstleister Topackt an und verschlüsselte 45 Server. Über zwei Terabyte hochsensibler Schuldaten von mehr als 40 Schulen landeten schließlich im #Darknet.

Schulen und kommunale Einrichtungen werden von den Bundesländern in Sachen digitaler #Resilienz nach wie vor weitestgehend sich selbst überlassen - sollen aber massiv digitalisieren:

https://www.speyer.de/de/rathaus/medieninformationen/aktuelle-informationen/stadt-speyer-prueft-situation-nach-datenveroeffentlichung-aus-hackerangriff/

🇨🇱 LockBit 5.0 has now published all the information from Clínica Dávila (http://davila.cl). Remember that this medical institution was attacked by the Devman ransomware back in December last year. It appears that Devman sold a portion of the data to LockBit.

Now the question that arises: Has Clínica Dávila individually notified each patient about the attack it suffered from Devman back in December last year?

https://www.security-chu.com/2026/03/lockbit-filtra-los-datos-de-la-clinica-davila.html

#cybersecurity #ransomware #Chile #databreach #health #healthcare #lockbit #devman #research

“L'expansion continue de #LockBit vers les entreprises et les infrastructures” : retour sur la version 5.0 du #ransomware, déployée depuis Septembre 2025 !

https://blog.sosordi.net/2026/02/lexpansion-continue-de-lockbit-vers-les-entreprises-et-les-infrastructures-retour-sur-la-version-5-0-du-ransomware-deployee-depuis-septembre-2025.html

#securite #data #Internet

Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware

Pulse ID: 69a19efa5a3cb45c05190273
Pulse Link: https://otx.alienvault.com/pulse/69a19efa5a3cb45c05190273
Pulse Author: CyberHunter_NL
Created: 2026-02-27 13:41:13

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APAC #ActiveMQ #Apache #CyberSecurity #InfoSec #LockBit #OTX #OpenThreatExchange #RDP #RansomWare #Vulnerability #bot #CyberHunter_NL

Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

Pulse ID: 69a19f09b3ea1e782cb3e96f
Pulse Link: https://otx.alienvault.com/pulse/69a19f09b3ea1e782cb3e96f
Pulse Author: CyberHunter_NL
Created: 2026-02-27 13:41:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APAC #ActiveMQ #Apache #CyberSecurity #InfoSec #LockBit #OTX #OpenThreatExchange #RansomWare #bot #CyberHunter_NL

Apache ActiveMQ Exploit Leads to LockBit Ransomware

Pulse ID: 699d3e6224da5f2edf580175
Pulse Link: https://otx.alienvault.com/pulse/699d3e6224da5f2edf580175
Pulse Author: Tr1sa111
Created: 2026-02-24 06:00:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APAC #ActiveMQ #Apache #CyberSecurity #InfoSec #LockBit #OTX #OpenThreatExchange #RansomWare #bot #Tr1sa111

Apache ActiveMQ Exploit Leads to LockBit Ransomware

A threat actor exploited CVE-2023-46604 on an exposed Apache ActiveMQ server, gaining initial access and later returning after being evicted. The attacker used Metasploit for post-exploitation activities, including privilege escalation, credential access, and lateral movement. Upon regaining access, they swiftly deployed LockBit ransomware via RDP using previously extracted credentials. The ransomware binary matched LockBit signatures but was likely crafted using the leaked LockBit builder, as evidenced by modified ransom notes and communication methods. The intrusion spanned 19 days from initial access to ransomware deployment, with less than 90 minutes between re-engagement and encryption during the second phase.

Pulse ID: 699cd6eed9db04bd8dc60dc9
Pulse Link: https://otx.alienvault.com/pulse/699cd6eed9db04bd8dc60dc9
Pulse Author: AlienVault
Created: 2026-02-23 22:38:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APAC #ActiveMQ #Apache #CyberSecurity #Encryption #InfoSec #LockBit #OTX #OpenThreatExchange #RDP #RansomWare #bot #AlienVault

LockBit-Ransomware über Apache-ActiveMQ-Lücke: Angriff in zwei Wellen

Ein ungepatchter Apache-ActiveMQ-Server wurde zum Einfallstor für einen mehrstufigen Ransomware-Angriff, der sich über knapp 19 Tage erstreckte

https://www.all-about-security.de/lockbit-ransomware-ueber-apache-activemq-luecke-angriff-in-zwei-wellen/

#LockBit #ransomware #apache