In a significant escalation of the U.S. government’s fight against cybercrime, the Department of Justice has seized over $2.8 million in cryptocurrency from an individual accused of operating the notorious Zeppelin ransomware network. This operation, detailed in recent court filings, targets Ianis Aleksandrovich Antropenko, a Russian national allegedly behind attacks that have plagued businesses and...Read More
A comprehensive reverse engineering analysis has unveiled the sophisticated technical mechanisms behind Lockbit’s Linux ESXi ransomware variant, first discovered in 2022 but recently dissected to reveal advanced evasion techniques and cryptographic implementations that specifically target virtualized server environments. Anti-Analysis Evasion and Obfuscation Techniques The malware employs a clever anti-debugging mechanism using the ptrace system call...Read More
Sophos’ Aaron Bugal on Evolving Ransomware Tactics and Endpoint Vulnerabilities Brian Pereira (creed_digital) • August 11, 2025 Aaron Bugal, field CISO, APJ, Sophos Ransomware demands in the Asia-Pacific and Japan region fell by 50% in 2025, according to Sophos’ latest State of Ransomware report. Aaron Bugal, field CISO at Sophos, said this change...Read More
A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460. This advanced malware masquerades as a legitimate open-source ChatGPT Desktop Application while exploiting the zero-day vulnerability CVE-2025-29824 in Windows Common Log File System (CLFS) to deploy ransomware across multiple sectors globally. Key Takeaways1. PipeMagic...Read More
In the first half of 2025, the number of ransomware attacks in Japan increased by approximately 1.4 times compared to the previous year. Ransomware attackers continue to primarily target small and medium-sized enterprises in Japan. The most affected industry remains manufacturing, unchanged from last year. The ransomware group causing the most damage in Japan is...Read More
Annual report examines the critical need for proactive security hygiene to counter increasingly adaptive ransomware operations SANTA CLARA, Calif., Aug. 19, 2025 /PRNewswire/ — ThreatDown, the corporate business unit of Malwarebytes, today released its “2025 State of Ransomware” report, revealing a significant 25% year-over-year increase in ransomware attacks from July 2024 to June 2025, with...Read More
Inotiv, a prominent US-based contract research organization (CRO), is grappling with significant operational disruptions after a ransomware attack encrypted parts of its internal systems. The Qilin ransomware gang has claimed responsibility for the breach, leaking samples of over 170 GB of proprietary research data on their dark web portal. The company disclosed the incident in...Read More
A researcher uncovers vulnerabilities across Intel’s internal websites that exposed sensitive employee and supplier data. The Kimsuky group (APT43) targets South Korean diplomatic missions. A new DDoS vulnerability bypasses the 2023 “Rapid Reset” fix. Drug development firm Inotiv reports a ransomware attack to the SEC. The UK drops their demand that Apple provide access to...Read More
