News

The State of Ransomware in Enterprise 2025

Bys s January 14, 2026

Categories: Products & Services

Tags: Ransomware, Enterprise, Solutions, The State of Ransomware

News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Bys s October 8, 2025

Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique called log poisoning (aka…

Read More Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
News

Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
Bys s February 20, 2025

Marine Pichon and Alexis Bonnefoi of Orange Cyberdefense report: Last year, Orange Cyberdefense’s CERT investigated a series of incidents from an unknown threat actor leveraging both ShadowPad and PlugX. Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese – a topic our World Watch CTI team holds in high regard), the campaign impacted several European organizations, including in the healthcare vertical, during…

Read More Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
News

4 Ways to Keep MFA From Becoming too Much of a Good Thing
Bys s February 11, 2025

Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality…

Read More 4 Ways to Keep MFA From Becoming too Much of a Good Thing
News

U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
Bys s May 30, 2025

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator Liu Lizhi for providing infrastructure to conduct romance baiting scams that led to massive cryptocurrency losses. The Treasury accused the Taguig-headquartered company of enabling thousands of websites involved in

Read More U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
Bys s January 20, 2026

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. “These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI…

Read More Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
News

Illinois Department of Human Services phishing attack affected more than 1.1M public assistance clients
Bys s December 23, 2024

Their substitute notice, as published on Effingham Radio: Springfield, IL-(Effingham Radio)- Pursuant to the requirements of the Illinois Personal Information Protection Act (PIPA), 815 ILCS 530/12, the Illinois Department of Human Services (IDHS) is notifying the media of an incident within IDHS State of Illinois email accounts: On April 25, 2024, IDHS experienced a privacy breach….

Read More Illinois Department of Human Services phishing attack affected more than 1.1M public assistance clients

Similar Posts