American contract research organization Inotiv disclosed Monday that it became aware of a cybersecurity incident affecting certain of its systems and data earlier this month. Its preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the company’s systems, while investigations into the incident are ongoing. “Upon identifying encrypted systems,...Read More
Last week, telecom company Colt Technology Services was hit by a major cyberattack. Now the alleged perpetrators have been identified: WarLock. The method used in the attack also appears to be clear. A member of the WarLock hacker group has claimed responsibility for the Colt attack. The username is “cnkjasdfgd”; the user claims that one...Read More
In a significant escalation of the U.S. government’s fight against cybercrime, the Department of Justice has seized over $2.8 million in cryptocurrency from an individual accused of operating the notorious Zeppelin ransomware network. This operation, detailed in recent court filings, targets Ianis Aleksandrovich Antropenko, a Russian national allegedly behind attacks that have plagued businesses and...Read More
A comprehensive reverse engineering analysis has unveiled the sophisticated technical mechanisms behind Lockbit’s Linux ESXi ransomware variant, first discovered in 2022 but recently dissected to reveal advanced evasion techniques and cryptographic implementations that specifically target virtualized server environments. Anti-Analysis Evasion and Obfuscation Techniques The malware employs a clever anti-debugging mechanism using the ptrace system call...Read More
Sophos’ Aaron Bugal on Evolving Ransomware Tactics and Endpoint Vulnerabilities Brian Pereira (creed_digital) • August 11, 2025 Aaron Bugal, field CISO, APJ, Sophos Ransomware demands in the Asia-Pacific and Japan region fell by 50% in 2025, according to Sophos’ latest State of Ransomware report. Aaron Bugal, field CISO at Sophos, said this change...Read More
A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460. This advanced malware masquerades as a legitimate open-source ChatGPT Desktop Application while exploiting the zero-day vulnerability CVE-2025-29824 in Windows Common Log File System (CLFS) to deploy ransomware across multiple sectors globally. Key Takeaways1. PipeMagic...Read More
In the first half of 2025, the number of ransomware attacks in Japan increased by approximately 1.4 times compared to the previous year. Ransomware attackers continue to primarily target small and medium-sized enterprises in Japan. The most affected industry remains manufacturing, unchanged from last year. The ransomware group causing the most damage in Japan is...Read More
Annual report examines the critical need for proactive security hygiene to counter increasingly adaptive ransomware operations SANTA CLARA, Calif., Aug. 19, 2025 /PRNewswire/ — ThreatDown, the corporate business unit of Malwarebytes, today released its “2025 State of Ransomware” report, revealing a significant 25% year-over-year increase in ransomware attacks from July 2024 to June 2025, with...Read More
