Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools. The ransomware first launched ...
Windows endpoint management company Aiden Technologies Inc. today announced the launch of AidenRescue, a new solution for recovering and rebuilding Windows devices after a ransomware attack or other ...
The cybercriminal group known as LockBit has released an improved 5.0 version of its ransomware (LockBit 5.0), which is “significantly more dangerous,” warns Trend Micro. The malware now attacks ...
Microsoft's blog recently gave a firm warning: unsupported systems aren't just outdated, they're unprotected. That message targets anyone still using Windows 10, and it's serious. In Microsoft's ...
The Qilin ransomware group has attacked Windows hosts using a Linux-based binary in a cross-platform attack that can evade Windows-centric detections and security solutions, including conventional ...
Agenda ransomware group, popularly known as Qilin, has been abusing legitimate remote management and file transfer tools, security researchers revealed in a new disclosure. By deploying a Linux-based ...
Trend Micro has identified a new LockBit ransomware variant that is “significantly more dangerous” than previous versions and is being deployed in the wild. The notorious LockBit ransomware gang ...
As ransomware attacks continue, a few key groups have inflicted some of the greatest damage to their victims. Use this guide to learn about their targets and tactics as well as how to safeguard ...
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware designed to operate entirely offline. Forcepoint X-Labs researchers have ...
Enterprise security company SonicWall is urging its customers to disable a core feature of its most recent line-up of firewall devices after security researchers reported an uptick in ransomware ...