Researchers specialized in cybercrime have recently identified a new malicious program called Slopoly, linked to an economically motivated threat actor known as Hive0163. This finding confirms that digital criminals are beginning to use AI models to accelerate the creation of new pieces of malware and optimize their intrusion campaigns. The discovery was detailed by security...
Executive Summary: A relatively new ransomware group, Interlock, has gained traction in 2025 as an opportunistic ransomware operator that leverages compromised websites and multi-stage social engineering techniques to deliver their payloads. First observed in September 2024, Interlock departs from the traditional Ransomware-as-a-Service (RaaS) model, operating without affiliates or public advertisements. The financially-motivated group conducts opportunistic...
Microsoft Threat Intelligence has observed financially motivated threat actor Storm-0501 continuously evolving their campaigns to achieve sharpened focus on cloud-based tactics, techniques, and procedures (TTPs). While the threat actor has been known for targeting hybrid cloud environments, their primary objective has shifted from deploying on-premises endpoint ransomware to using cloud-based ransomware tactics. Unlike traditional on-premises...
Japanese semiconductor test equipment supplier Advantest said it is dealing with a ransomware attack that has impacted several company systems. The company said it detected unusual activity within its IT environment on Sunday and activated incident response protocols and isolated the impacted systems. “Preliminary findings appear to indicate that an unauthorized third party may have...
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. Talos observed in one intrusion that the Kraken actor exploited Server Message Block (SMB) vulnerabilities for initial access, then used tools like Cloudflared for persistence and SSH Filesystem (SSHFS) for data exfiltration before encryption. Kraken is a cross-platform ransomware with distinct encryptors for Windows, Linux, and VMware ESXi, targeting a wide...
What SMBs Need to Know About Ransomware Today: Ransomware is constantly evolving. Over the years, cybercriminals have moved from a spray-and-pray methodology to big-game hunting, where cybercrime gangs target victims that may be the most vulnerable to such attacks, according to Asheer Malhotra, technical lead and security researcher at Cisco Talos, a threat intelligence...
The dramatic acceleration of ransomware attacks now occurs at machine speed, completing in minutes rather than days. This shift is driven by AI-powered tactics and multi-extortion campaigns, rendering traditional human-driven security responses obsolete. There is a critical need for AI-powered detection, automated responses and eXtended Detection and Response (XDR) platforms to build speed-compatible defenses...
NEW BRITAIN, CT (WFSB) – A ransomware attack has disrupted New Britain’s city network systems for more than 48 hours, forcing departments to operate with pen and paper while federal authorities investigate. What began as a suspected cyberattack has been confirmed as a ransomware attack that started early Wednesday morning when the New Britain Police...
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools and tactics, techniques, and procedures (TTPs). Talos...