A new ransomware-as-a-service (RaaS) group has emerged and has been making a name for itself in 2025. Anubis is a recently identified group that sets itself apart by partnering encryption with more destructive capabilities—wiping directories which severely impact chances of file recovery. Given its brief history and use of a multi-layered extortion model, Anubis has...Read More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider. “This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025,” the...Read More
Cybersecurity professionals and business leaders are on high alert following a confirmed breach of a utility billing software provider, traced to unpatched vulnerabilities in the widely used SimpleHelp Remote Monitoring and Management (RMM) platform. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning that ransomware actors have leveraged these security gaps...Read More
The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware tactics, incorporating employee monitoring software and open-source penetration testing frameworks previously unseen in the ransomware...Read More
Cybersecurity researchers have uncovered a sophisticated ransomware campaign targeting utility billing software providers through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) systems. The attack represents a concerning evolution in ransomware tactics, where threat actors are leveraging trusted remote access tools to establish persistent footholds in critical infrastructure networks and subsequently compromise downstream customers...Read More
Businesses and critical infrastructure operators must report ransomware payments within 72 hours or face civil penalties. Subscribe Subscribe to Regulation Asia to gain access to APAC’s leading platform for news, analysis, research and verified data on financial regulation. Select More Information below to view our subscription packages or you can email us at [email protected] to...Read More
Exclusive: Deakin Medical Centre hit by alleged Global ransomware attack Patient scan results, psychiatric assessments, and healthcare plans part of dataset published to the darknet. The Global ransomware group has continued its series of attacks on Australian healthcare providers, with the Mildura-based Deakin Medical Centre recently listed on its darknet leak site. The medical centre...Read More
NSW-based financial services firm Skeggs Goldstien has confirmed it is investigating a cyber security incident after the company was listed on a ransomware leak site overnight. The Qilin ransomware gang shared details of the incident in a 12 June post where the hackers claimed to have stolen 500 gigabytes of data.
To prove the...Read More
