Tag: ransomware
-
Gunra Ransomware Targets Windows and Linux with Dual Encryption
The cybersecurity landscape continues to face persistent threats from emerging ransomware groups, with Gunra representing a significant concern since its emergence in April 2025. This threat actor has launched systematic attacks across multiple industries and geographic regions, including documented incidents in Korea. What makes Gunra particularly noteworthy is its dual-platform capability”, the group distributes separate…
-
Everest Leaks ATT Records, Demands $1M for Dublin Airport Passenger Data
Everest ransomware group leaks alleged ATT Carrier data, demands $1 million for Dublin Airport files and $2 million for Air Arabia employee records. First seen on hackread.com Jump to article: hackread.com/everest-att-leak-dublin-airport-data/
-
Qilin ransomware abuses WSL to run Linux encryptors in Windows
The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qilin-ransomware-abuses-wsl-to-run-linux-encryptors-in-windows/
-
Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year
In October alone, the suspected Russia-based group added more than 185 victims to its leak site, claiming to be behind recent cybersecurity incidents at Japanese beverage giant Asahi, the Texas city of Sugar Land, a county government in North Carolina and multiple power companies in Texas. First seen on therecord.media Jump to article: therecord.media/qilin-ransomware-gang-hits-hundreds-of-orgs-2025
-
Ransomware-Erpressungen auf Allzeithoch im Gesundheitswesen
In der aktuellen jährlichen Studie ‘State of Ransomware Healthcare 2025″ untersuchte der Cybersicherheitsanbieter Sophos die Erfahrungen mit Ransomware global bei 292 Gesundheitsdienstleistern. Der Bericht beleuchtet Ursachen, Folgen und die Entwicklung dieser Angriffe. Zudem gibt die Studie Auskunft über bisher unerforschte Bereiche: Dazu gehören organisatorische Faktoren, durch die Gesundheitsorganisationen angreifbar wurden, sowie belastende Auswirkungen auf die IT-…
-
Ransomware payments hit record low: only 23% Pay in Q3 2025
Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of ransomware victims paid attackers in Q3 2025, the lowest rate ever recorded. The researchers note this continues a six-year decline in payment rates. After 28% of…
-
SophosStudie 2025: Ransomware im Gesundheitswesen auf Rekordhoch
Die Ergebnisse basieren auf einer unabhängigen Umfrage, die Sophos gemeinsam mit dem Forschungsunternehmen Vanson Bourne zwischen Januar und März 2025 durchführte. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-healthcare-studie-2025-ransomware-im-gesundheitswesen-auf-rekordhoch/a42506/
-
Ransomware payments hit record low: only 23% Pay in Q3 2025
Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of ransomware victims paid attackers in Q3 2025, the lowest rate ever recorded. The researchers note this continues a six-year decline in payment rates. After 28% of…
-
Immer weniger Unternehmen zahlen Hackern ein Lösegeld
Tags: ransomwareDie Rentabilität von Ransomware-Attacken fällt. Nicht nur zahlen immer weniger Opfer das Lösegeld. Auch die Höhe der Zahlungen ist zuletzt stark gefallen. First seen on golem.de Jump to article: www.golem.de/news/ransomware-immer-weniger-unternehmen-zahlen-hackern-ein-loesegeld-2510-201585.html
-
Surprised, Not Surprised, Ransomware Attacks Have Ticked Up
This year to date, ransomware cases have zoomed up 47% over the same period last year, according to data compiled by NordStellar. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/surprised-not-surprised-ransomware-attacks-have-ticked-up/
-
Surprised, Not Surprised, Ransomware Attacks Have Ticked Up
This year to date, ransomware cases have zoomed up 47% over the same period last year, according to data compiled by NordStellar. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/surprised-not-surprised-ransomware-attacks-have-ticked-up/
-
Sweden’s power grid operator confirms data breach claimed by ransomware gang
The utility responsible for operating Sweden’s power grid is investigating a data breach after a ransomware group threatened to leak hundreds of gigabytes of purportedly stolen internal data. First seen on therecord.media Jump to article: therecord.media/sweden-power-grid-operator-data
-
Ransomware profits drop as victims stop paying hackers
The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers’ demands. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ransomware-profits-drop-as-victims-stop-paying-hackers/
-
LockBit 5.0 expands targeting amid ransomware escalation
The LockBit RaaS operation is back in action, with technical features and expanded targeting, and is contributing to a steadily growing number of ransomware attacks First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633551/LockBit-50-expands-targeting-amid-ransomware-escalation
-
Qilin Ransomware Group Publishes Over 40 Cases Monthly
Qilin ransomware activity has surged in late 2025, threatening data leaks via double extortion tactics First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/qilin-ransomware-40-cases-monthly/
-
Qilin Targets Windows Hosts With Linux-Based Ransomware
The attack by the one of the most impactful RaaS groups active today demonstrates an evasion strategy that can stump defenses not equipped to detect cross-platform threats. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/qilin-targets-windows-hosts-linux-based-ransomware
-
Risiken bei der Wiederherstellung nach Ransomware-Angriffen
Tags: alphv, authentication, backup, ceo, ciso, crowdstrike, cyber, cyberattack, DSGVO, encryption, extortion, incident response, infrastructure, insurance, lockbit, mfa, ransomware, resilience, risk, risk-management, service, tool, updateDie Zahlung des Lösegelds nach einer Ransomware-Attacke ist keine Garantie für eine reibungslose oder gar erfolgreiche Wiederherstellung der Daten.Zwei von fünf Unternehmen, die Cyberkriminellen für die Entschlüsselung von Ransomware bezahlen, können ihre Daten nicht wiederherstellen. Das hat eine weltweite Umfrage des Versicherungsanbieters Hiscox unter 1.000 mittelständischen Unternehmen ergeben.Die Ergebnisse zeigen, dass Ransomware nach wie vor…
-
Risiken bei der Wiederherstellung nach Ransomware-Angriffen
Tags: alphv, authentication, backup, ceo, ciso, crowdstrike, cyber, cyberattack, DSGVO, encryption, extortion, incident response, infrastructure, insurance, lockbit, mfa, ransomware, resilience, risk, risk-management, service, tool, updateDie Zahlung des Lösegelds nach einer Ransomware-Attacke ist keine Garantie für eine reibungslose oder gar erfolgreiche Wiederherstellung der Daten.Zwei von fünf Unternehmen, die Cyberkriminellen für die Entschlüsselung von Ransomware bezahlen, können ihre Daten nicht wiederherstellen. Das hat eine weltweite Umfrage des Versicherungsanbieters Hiscox unter 1.000 mittelständischen Unternehmen ergeben.Die Ergebnisse zeigen, dass Ransomware nach wie vor…
-
Ransomware, extortion groups adapt as payment rates reach historic lows
Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
-
Ransomware, extortion groups adapt as payment rates reach historic lows
Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/27/ransomware-extortion-payment-q3-2025/
-
Cross-platform ransomware: Qilin weaponizes Linux binaries against Windows hosts
Tags: access, backup, cio, ciso, control, credentials, defense, detection, exploit, healthcare, identity, infrastructure, linux, monitoring, network, ransomware, threat, tool, windowsFixing the gaps : Threat actors are now exploiting legitimate IT tools and hybrid infrastructures to quietly sidestep conventional defenses, calling for CISOs to rethink security strategies.Mehta added that when Linux binaries execute on Windows through a remote tool, your Windows-only detections won’t save.He added, Agenda Ransomware exploits Windows-centric assumptions, under-protected RMM tools, and neglected driver…
-
Cross-platform ransomware: Qilin weaponizes Linux binaries against Windows hosts
Tags: access, backup, cio, ciso, control, credentials, defense, detection, exploit, healthcare, identity, infrastructure, linux, monitoring, network, ransomware, threat, tool, windowsFixing the gaps : Threat actors are now exploiting legitimate IT tools and hybrid infrastructures to quietly sidestep conventional defenses, calling for CISOs to rethink security strategies.Mehta added that when Linux binaries execute on Windows through a remote tool, your Windows-only detections won’t save.He added, Agenda Ransomware exploits Windows-centric assumptions, under-protected RMM tools, and neglected driver…
-
Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD
Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks. Trend Research found that the Qilin ransomware group (aka Agenda) used a Linux ransomware binary on Windows systems via legitimate remote tools, bypassing Windows defenses and EDRs. The cross-platform method enables stealthy attacks, stealing backup credentials…
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June.The development comes as the ransomware-as-a-service (RaaS) operation has emerged…
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June.The development comes as the ransomware-as-a-service (RaaS) operation has emerged…
-
Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack
The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June.The development comes as the ransomware-as-a-service (RaaS) operation has emerged…
-
Three Factors Determine Whether a Ransomware Group is Successful
ReliaQuest’s Threat Spotlight: How Automation, Customization, and Tooling Signal Next Ransomware exposes how elite Ransomware-as-a-Service (RaaS) groups thrive. Automation, advanced tools, and attack customization attract top affiliates and drive faster, more effective ransomware operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/three-factors-determine-whether-a-ransomware-group-is-successful/