Well, well, well, looks like the ransomware gang ALPHV, also known as BlackCat or Noberus, is playing the cyber game with a new set of rules. They've decided to step up their game by offering an API – because hey, why not add a touch of convenience to cyber extortion, right?
Why the sudden switch to offering an API, you ask? Well, it seems there's a global trend of fewer victims coughing up the ransom dough, with even big names like Estée Lauder giving ransom negotiations the cold shoulder. Plus, those Tor sites where these cyber crooks dump their loot aren't exactly user-friendly, what with all the downtime and sluggish download speeds.
So, enter the API, the ultimate temptation for reluctant victims. By increasing the visibility of stolen data and making it oh-so-easy to access, ALPHV is basically saying, "Pay up or risk having your dirty laundry aired for all to see." They even threw in a Python crawler to sweeten the deal – because who doesn't love a helpful tool for their cyber shenanigans?
Now, what sets ALPHV apart from the cyber riff-raff is that it's the first ransomware of its kind written in Rust – a programming language that's like a Swiss army knife for malware, allowing for easy customisation across different operating systems. Since November 2021, this cyber menace has been wreaking havoc, with some experts dubbing it the heir to the infamous BlackMatter and DarkSide ransomware legacies.
And they're not just twiddling their thumbs, folks. ALPHV goes the extra mile to maximise their ransom haul, with tricks up their digital sleeves like deleting volume shadow copies, shutting down processes and services, and even putting the kibosh on virtual machines.
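For defenders, those three behaviours are worth watching for in process-creation logs. The sketch below is an added example, not code from this article, HC3 or any ALPHV sample; the command-line patterns (standard Windows and ESXi utilities), host names and events are assumptions constructed for illustration.

```python
import re

# Behaviour categories named in the article, mapped to command-line patterns for
# standard Windows/ESXi utilities that can perform them. Assumed patterns, not
# taken from the article or from any ALPHV sample.
RULES = {
    "shadow_copy_deletion": [
        r"\bvssadmin(\.exe)?\s+delete\s+shadows\b",
        r"\bwmic(\.exe)?\s+shadowcopy\s+delete\b",
    ],
    "service_or_process_stop": [
        r"\b(net1?|sc)(\.exe)?\s+stop\s+\S+",
        r"\btaskkill(\.exe)?\s.*/im\s+\S+",
    ],
    "vm_shutdown": [r"\besxcli\s+vm\s+process\s+kill\b"],
}
COMPILED = {k: [re.compile(p, re.I) for p in v] for k, v in RULES.items()}

def classify(cmdline):
    """Return the sorted list of categories a single command line matches."""
    return sorted(c for c, pats in COMPILED.items()
                  if any(p.search(cmdline) for p in pats))

def triage(events, stop_threshold=3):
    """Count matches per host and return the hosts worth alerting on.

    Shadow-copy deletion or VM kills alert on first sight. Service/process stops
    are routine admin work, so alone they only alert at stop_threshold or more."""
    per_host = {}
    for host, cmdline in events:
        for cat in classify(cmdline):
            counts = per_host.setdefault(host, {})
            counts[cat] = counts.get(cat, 0) + 1
    alerts = {}
    for host, counts in per_host.items():
        high = [c for c in counts if c != "service_or_process_stop"]
        if high or counts.get("service_or_process_stop", 0) >= stop_threshold:
            alerts[host] = counts
    return alerts

# Constructed process-creation events (host, command line) for illustration.
SAMPLE_EVENTS = [
    ("FS01", "net stop Spooler"),
    ("FS01", r"C:\Windows\System32\vssadmin.exe delete shadows /all /quiet"),
    ("FS01", "taskkill /f /im sqlservr.exe"),
    ("WS17", "sc stop wuauserv"),
    ("ESX2", "esxcli vm process kill --type=force --world-id=12345"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

A single service stop on WS17 stays quiet, while FS01 and ESX2 alert because a high-signal category appears on them.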
Their hit list reads like a who's who of cyber targets, with recent exploits including a whopping 7TB data heist from Barts Health NHS Trust and a cameo on Reddit's victim roster during the infamous Reddit blackout. According to the Health Sector Cybersecurity Coordination Centre's (HC3) report, these cyber baddies have a particular penchant for healthcare targets, and it looks like they're just getting started. Brace yourselves, folks – the cyber storm is far from over.