Issue #142 - March 24, 2025
- Weekly INK
- Mar 24
- 2 min read
Medusa Ransomware Brings Its Own Vulnerable Driver
Source: Data Breach Today
Hackers Use Stolen Certificates to Bypass Endpoint Detection and Response. A Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, researchers warn.
Ransomware Group Claims Attack on Virginia Attorney General’s Office
Source: Security Week
A ransomware group known as Cloak has claimed responsibility for a disrupting cyberattack on the Virginia Attorney General Office’s systems. The incident became public in mid-February, when the state’s top prosecutorial agency told employees that nearly all its computer systems, internal services and applications, and website were down, and that internet connectivity and VPN access were affected as well.
Auto Lending Fraud Climbs 16.5% to $9.2B in 2024
Source: Data Breach Today
Auto lenders are grappling with a surge in complex fraud schemes that are not only increasing in volume but also exploiting systemic blind spots. From coordinated bust-out rings to fake dealership websites, fraudsters are expanding their playbooks with bold new tactics.
Oracle customers confirm data stolen in alleged cloud breach is valid
Source: Bleeping Computer
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.
Hackers using AI agents more often for account takeover – Gartner
Source: Cyber News
AI agents are becoming increasingly popular with hackers for exploiting online accounts. By 2027, they will reduce the time to take over an account by 50%. That’s the grim and harsh reality American research and advisory firm Gartner depicts in its latest report, Predicts 2025: Navigating Imminent AI Turbulence for Cybersecurity.