#ransomware

#ransomware

"The Company is working diligently to restore the affected systems," the manufacturer said in a Form 8-K filed with the US Securities and Exchange Commission yesterday. The ransomware attack "temporarily impacted the Company's operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions," it continued. Data I/O also claims that, while it has restored some of its functions, others remain offline, with no timetable for a fix. An investigation is ongoing.

Warlock, the emergent cyber crime gang that claims it is holding UK network and telecoms services provider Colt's data to ransom, appears to have hit multiple other victims in the past few weeks, it has emerged. This is according to data supplied through the open source RansomLook.io information service, which is currently tracking 475 ransomware gangs across hundreds of dark web forums, markets and other channels. Warlock has claimed a total of 22 new victims since since 16 August, according to the data.

The existence of the exploit was first reported last week by vx-underground, which said it was released by Scattered Lapsus$ Hunters, a new fluid alliance formed by Scattered Spider and ShinyHunters.

Recovery isn't a last resort - it's a strategy. The organizations that plan and rehearse their recoveries are the ones that come through an attack strongest.

The reality of today's threat landscape demands a holistic approach to cyber resilience, which requires organizations to do more than just prevent attacks.

The data dump from a ransomware group, labeled under a medical practice, actually contained files from a tax preparation service named Lacerte, not any patient data or office files.

Japanese authorities released a free decryptor for ransomware, enabling victims to recover files without payment. This software targets Phobos and 8Base ransomware families.

Alaska Airlines has grounded its fleet due to an unspecified IT issue, affecting operations and leading to a temporary ground stop across its network.

Ransomware-as-a-Service (RaaS) allows inexperienced threat actors to launch large-scale attacks, exfiltrate sensitive data, and disable recovery infrastructure, pushing businesses to reassess their strategies.

The integration combines Scale Computing's Hypercore platform with Bitdefender's GravityZone to secure workloads, virtual desktops, and data in edge environments.

Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters.