Ransomware Attacks Appear to Keep Surging
Source: Data Breach Today
RansomHub, Play, Akira and Clop Among the Groups Claiming the Most Victims. Hopes for a lull in ransomware attacks have dissipated amid a wave of record-setting attacks launched despite apparent turnover in the criminal underground.
Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint
Source: Dark Reading
A complex phishing campaign is targeting Microsoft SharePoint accounts with malicious documents aimed at getting users to compromise themselves by deploying a PowerShell command. The attack is a ClickFix-style cyberattack campaign that ultimately aims to deploy the open source and powerful Havoc command-and-control (C2) framework to gain full control over the targeted system.
CISA: No Change on Defending Against Russian Cyber Threats
Source: Security Week
The CISA public clarification follows news the Trump administration is temporarily pausing offensive cyber operations against Moscow. The US government’s cybersecurity agency CISA says there is no change to its stance on detecting and disrupting Russian APTs, even as a recent directive from the Trump administration pauses offensive cyber operations against Russia amid high-stakes negotiations.
Ransomware gang encrypted network from a webcam to bypass EDR
Source: Bleeping Computer
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.
China's Silk Typhoon Tied to Cloud Service Provider Hacks
Source: Data Breach Today
A prolific hacking group tied to Beijing appears to have increased its targeting of widely used IT tools and service providers to further its cyberespionage campaigns. The group, tracked as Silk Typhoon, "is an espionage-focused Chinese state actor whose activities indicate that they are a well-resourced and technically efficient group with the ability to quickly operationalize exploits for zero-day vulnerabilities in edge devices" and software.