
Daily Cybersecurity Roundup, February 20, 2025

Ransomware gangs aren’t just after big corporations; now they’re sinking their claws into healthcare. A new ransomware strain called NailaoLocker hit European healthcare organizations, using ShadowPad and PlugX malware. Ghost ransomware is living up to its name, slipping into networks across 70 countries by exploiting software and firmware vulnerabilities. Phishing campaigns are evolving, and attackers are no longer bothering with fake domains. A rising number of phishing emails now use trusted business platforms, making them look more legitimate than ever. Read on for more.

01

A new ransomware called NailaoLocker has been found in attacks on European healthcare organizations from June to October 2024. These attacks deployed ShadowPad and PlugX malware.

02

The Ghost ransomware group has been exploiting vulnerabilities in software and firmware, leading to the compromise of organizations in over 70 countries, with financial gain as its primary goal.

03

Russian threat actors UNC5792 and UNC4221 have been targeting Signal, focusing on individuals likely involved in sensitive military and government communications related to the war in Ukraine.

04

A new JavaScript obfuscation method using invisible Unicode characters is being misused in phishing attacks aimed at affiliates of an American political action committee.

05

Microsoft has released security updates for two critical vulnerabilities affecting Bing (CVE-2025-21355) and Power Pages (CVE-2025-24989).

06

Q3 2024 saw a 300% increase in endpoint malware detections, with a shift towards threats that exploit legitimate websites or documents, and an increase in the use of social engineering tactics for attacks.

07

Threat actors are increasingly targeting platforms such as Dropbox, SharePoint, and QuickBooks in their phishing email campaigns, with 96% of emails utilizing existing domains rather than registering new ones.

08

Barebox, a popular bootloader for embedded systems, has released version 2025.01.0 to fix critical vulnerabilities that could let attackers bypass secure boot and execute code.

09

Cofense has identified a phishing scheme targeting Amazon Prime users, which aims to steal not only login credentials but also verification information and payment data.

10

Menlo Security announced the acquisition of data and file security platform Votiro. Terms of the deal were not disclosed.
