Credential harvesting campaign targets ScreenConnect cloud administrators
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.
Articles tagged with: #ransomware
Clear filter
Telecom Fiji taps Allot for network-based cybersecurity service
Telecom Fiji announced on Saturday it has launched NetSafe, a new network-based cybersecurity service for businesses delivered in partnership with telecoms software firm Allot. The NetSafe service - which was officially launched at the end of the Pacific Fiber Conference 2025 in Fiji on Thursday - leverages the Allot Secure solution to offer protection against online threats including malware attacks, ransomware, phishing attempts and malicious websites that can infect devices or attempt to...
Threat Actors Weaponizes AI Generated Summaries With Malicious Payload to Execute Ransomware
A novel adaptation of the ClickFix social engineering technique has been identified, leveraging invisible prompt injection to weaponize AI summarization systems in email clients, browser extensions, and productivity platforms. By embedding malicious step-by-step instructions within hidden HTML elements - using CSS obfuscation methods such as zero-width characters, white-on-white text, tiny font sizes, and off-screen positioning - attackers can poison
Cybersecurity statistics of the week (August 18th - 24th)
Hi guys, I send out a weekly newsletter with the latest cybersecurity vendor reports and research, and thought you might find it useful, so sharing it here. All the reports and research below were published between August 18th - 24th. You can get the below into your inbox every week if you want: https://www.cybersecstats.com/cybersecstatsnewsletter/ Ransomware 2025 State of Ransomware (ThreatDown) Research into the ransomware landscape. Key stats: There has been a 25% year-over-year increase in...
25th August - Threat Intelligence Report
For the latest discoveries in cyber research for the week of 25th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES US pharmaceutical company Inotiv has experienced a ransomware attack that resulted in the unauthorized access and encryption of certain systems and data. The Qilin ransomware gang claimed responsibility and alleged the theft
Ransomware Negotiation: Dynamics and Privacy-Preserving Mechanism Design
arXiv:2508.15844v1 Announce Type: cross Abstract: Ransomware attacks have become a pervasive and costly form of cybercrime, causing tens of millions of dollars in losses as organizations increasingly pay ransoms to mitigate operational disruptions and financial risks. While prior research has largely focused on proactive defenses, the post-infection negotiation dynamics between attackers and victims remains underexplored. This paper presents a formal analysis of attacker-victim interactions in...
Is it common for ransomware to wipe Intunes managed iphones?
Hi, is it common for ransomware to wipe Intunes managed iphones to disrupt communication in addition to encrypt the PCs? Should a company prepare for this? submitted by /u/Past-Roll-5986 [link] [comments]
Orange confirms ransomware breach with 4 GB of customer data exposed on dark web
submitted by /u/Realistic_Truth_7030 [link] [comments]
BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques
A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes access to advanced encryption capabilities for cybercriminals. The malware, associated with 'ZerodayX', the alleged leader of the pro-Palestinian hacktivist group Liwaa Mohammed, represents a concerning evolution in ransomware distribution and
Colt Confirms Customer Data Stolen in Ransomware Attack
Telecommunications giant Colt Technology Services has confirmed that customer data was compromised in a sophisticated cyber attack that began on August 12, 2025. The company disclosed that threat actors accessed sensitive files containing customer information and subsequently posted document titles on the dark web, prompting immediate containment measures and law enforcement notification. Key Takeaways1. Colt
DaVita says ransomware gang stole data of nearly 2.7 million people
Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals.
Colt confirms customer data stolen as Warlock ransomware auctions files
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files.
Europol confirms $50,000 Qilin ransomware reward is fake
Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists.
New Episode of 'Not the Situation Room'
Join Nick, Dave and Space Rogue as we discuss the latest threat in the cyber world. Three notorious groups, ShinyHunters, Scattered Spider, and LAPSUS$, have allegedly joined forces to launch a new ransomware as a service. Catch the conversation on episode 16 of our show and let us know your thoughts. Don't forget to like, subscribe, and share with your network to stay informed and help spread awareness about this emerging threat! https://www.youtube.com/watch?v=uSnJV4Hy3BE #CyberSecurity...
Warlock Ransomware Exploiting SharePoint Vulnerabilities to Gain Access and Steal Credentials
In recent weeks, the cybersecurity community has witnessed the rapid emergence of Warlock, a novel ransomware strain that weaponizes unpatched Microsoft SharePoint servers to infiltrate enterprise networks. Initial analysis reveals that threat actors exploit publicly exposed SharePoint instances via specially crafted HTTP POST requests, deploying web shells that grant remote code execution within the target
DragonForce Ransomware Attack Analysis - Targets, TTPs and IoCs
DragonForce represents a sophisticated and rapidly evolving ransomware operation that has emerged as a significant threat in the cybersecurity landscape since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, this group has demonstrated exceptional adaptability by leveraging leaked ransomware builders from notorious families like LockBit 3.0 and Conti to create customized attack variants. The organization
How critical is Cyber Threat Intelligence in staying ahead of today's attackers?
Lately it feels like cyberattacks are evolving faster than defenses - ransomware gangs selling access, phishing kits anyone can buy, and sensitive data showing up on dark web forums almost daily. By the time traditional tools like firewalls or EDR trigger an alert, the damage can already be done. That's where Cyber Threat Intelligence (CTI) is supposed to change the game. Instead of just reacting, CTI gives teams an early warning system - monitoring threat actor chatter, spotting leaked...
Ransomware Incidents Targeting Japan Increased by Approximately 1.4 Times
Japan experienced a significant surge in ransomware attacks during the first half of 2025, with incidents increasing by approximately 1.4 times compared to the same period in 2024. According to comprehensive research conducted by cybersecurity analysts, 68 ransomware cases affected Japanese organizations between January and June 2025, representing a substantial rise from the 48 cases
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
The company says it doesn't yet know if the incident will have a material impact.
Risky Bulletin: Child sextortion cases linked to scam compounds
Almost 500 child sextortion cases have been linked to scam compounds, Oracle's CSO departs after 37 years, Europol offers a reward for the Qilin ransomware group, and the UK drops its demand for an Apple backdoor.