Two U.S. Cybersecurity Workers Jailed for BlackCat Ransomware Attacks

Plus, U.S. lawmakers open inquiry into cybersecurity risks posed by China-origin AI models.

Good morning! Here’s what’s up.

Clips ✂️

Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks

Two American cybersecurity workers have been sentenced to jail for helping the BlackCat ransomware gang conduct attacks against multiple organizations in the US.

Ryan Goldberg, 40, of Georgia, and Kevin Martin, 36, of Texas were each sentenced to four years in prison for their roles in facilitating ransomware attacks during 2023, the US Department of Justice said in a statement published on April 30.

Goldberg and Martin pleaded guilty to the charges in December 2025.

The two men worked alongside Angelo Martino, 41, of Florida, who pleaded guilty to working for BlackCat on April 20. The former ransomware negotiator is set to be sentenced in July.

The BlackCat ransomware operation, also known as ALPHV, first emerged in 2021. Between 2022 and 2024, it was one of the most active and notorious ransomware groups targeting victims globally.

Attackers regularly demanded millions of dollars in ransom payments for decryption keys. BlackCat members also used double-extortion tactics and leaked stolen data from victims who refused to pay.

by Infosecurity Magazine

Lawmakers open inquiry into cybersecurity risks posed by PRC-origin AI models deployed in critical infrastructure systems

The U.S. House Committee on Homeland Security and the House Select Committee on China launched a joint investigation into national security and cybersecurity risks tied to increased use of AI models developed in China, including low-cost, open-weight, and API-accessible systems, such as DeepSeek, Alibaba, Moonshot AI, and MiniMax. Lawmakers are examining concerns that some China-based AI providers may be distilling capabilities from leading U.S. models without authorization and repackaging them into cheaper systems that may lack equivalent safety controls, before making them available to American users and organizations.

As an initial step in the probe, Andrew R. Garbarino, a New York Republican and chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, and John Moolenaar, a Michigan Republican and chair of the House Select Committee on the Strategic Competition between the United States and the Chinese Communist Party, sent letters to Anysphere and Airbnb, raising concerns about the companies’ use of or exposure to these risks through PRC-developed AI.

by Industrial Cyber

Lloyds: AI critical to getting ahead of cyber attackers

Agentic AI could help banks exploit their “home field” advantage by detecting security vulnerabilities before hackers do, according to Lloyds’ chief security officer Matt Rowe.

While banks’ in-depth understanding of their internal technology stacks and processes technically gives them an edge over attackers, this has not always translated into stronger cyber defences, says Rowe, who leads a 1,000-strong security team at Lloyds.

However, using AI agents and large language models, which are good at finding a “needle in a haystack”, banks could find potential attack paths and “shut them down” before hackers gain a foothold.

“AI could mean we get a step ahead,” he told The Banker.

Rowe was speaking on the sidelines of a cyber attack simulation exercise hosted earlier this week in London by Lloyds, Google and cyber readiness platform Hack The Box. The exercise saw more than 30 teams from across the UK financial services industry test their real-world cyber defence skills against one another.

by The Banker

Cyber Breaches Survey: Phishing & Supply Chain Risks Soar

Cyber attacks wreak havoc in a significant share of UK organisations, with the latest Cyber Breaches Survey revealing that 43% of businesses and 28% of charities reported having experienced a breach or attack in the past year.

Commissioned by the Department for Science, Innovation and Technology (DSIT) and the Home Office, the survey helps us understand the clutch of cyber threats on UK organisations and their level of preparedness.

The lion’s share of attacks are focussed on the larger organisations.

Around 69% of large businesses and 65% of medium-sized firms reported incidents, compared with 46% of small businesses and 42% of micro organisations.

Encouragingly, senior leadership attention is holding steady.

Cyber security is considered a high priority by 72% of businesses and 60% of charities, rising to 100% among large organisations.

“It's encouraging to see boardroom engagement starting to recover, but accountability without preparation is performative,” says Muhammad Yahya Patel, CISO and Cybersecurity Advisor for EMEA at Huntress.

by Cyber Magazine

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.

For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs. Until recently, it was less than clear who or what was behind these digital sieges. That changed earlier this month when a trusted source who asked to remain anonymous shared a curious file archive that was exposed in an open directory online.

The exposed archive contained several Portuguese-language malicious programs written in Python. It also included the private SSH authentication keys belonging to the CEO of Huge Networks, a Brazilian ISP that primarily offers DDoS protection to other Brazilian network operators.

by Krebs on Security

AI and the UK Financial Conduct Authority

The UK Financial Conduct Authority (FCA) has elected not to introduce a bespoke AI rule book and has instead applied its existing, outcomes-focused framework to firms’ design, deployment and oversight of AI systems.

For FCA-regulated firms, that means AI risk management in the UK is primarily a question of mapping AI use cases onto familiar regulatory building blocks: consumer outcomes (Consumer Duty), accountability (the Senior Managers and Certification Regime (SM&CR) and governance), systems and controls, outsourcing/third party risk, and operational resilience.

Significantly, the FCA is trialling its own use of AI in its review of live enforcement data—including suspicious activity reports, customer complaints and case files—which has the potential to transform the regulator’s financial crime and regulatory breach detection, disruption, and associated supervision and enforcement capabilities.

by WilmerHale
