Ransomware

Illustration of a hacking forum ad for The Gentlemen's RaaS ransomware service, depicting a dark web cyber threat environment.

New Gentlemen's RaaS advertised on underground forums

Lisa Kern. Image generated by AI

Threat actor zeta88 is promoting a new ransomware-as-a-service operation called The Gentlemen's RaaS on hacking forums, targeting Windows, Linux, and ESXi systems. The platform offers affiliates 90 percent of ransom payments and features cross-platform encryption tools developed in Go and C. This development highlights the ongoing commercialization of sophisticated ransomware targeting enterprise environments.

Jaguar Land Rover cyberattack estimated at £1.9 billion cost

Theo Klein

A cyberattack that shut down Jaguar Land Rover's operations since August 31 has been estimated to cost the UK £1.9 billion, marking it as the most economically damaging cyber event in the country's history. The incident disrupted production and affected over 5,000 British organisations. Partial production has recently restarted, but full recovery is not expected until January.

Qilin ransomware uses WSL to run Linux encryptors on Windows

The Qilin ransomware group has been observed exploiting the Windows Subsystem for Linux (WSL) to execute Linux-based encryptors directly on Windows systems, bypassing traditional security tools. This technique allows the malware to evade detection by endpoint detection and response (EDR) products focused on Windows behaviors. Cybersecurity firms Trend Micro and Cisco Talos detailed the method in recent research.

Qilin ransomware uses WSL to run Linux encryptors on Windows

Lisa Kern

Cybersecurity researchers have uncovered a tactic by the Qilin ransomware group that exploits Microsoft's Windows Subsystem for Linux (WSL) to execute Linux-based encryption tools on Windows machines. This method allows attackers to bypass many endpoint detection and response (EDR) systems by operating in a Linux sandbox environment that traditional tools often overlook. The technique highlights the growing sophistication of ransomware operations blending operating systems.

Illustration of a hacker deploying Qilin ransomware using Linux binaries on Windows systems, showing code and alerts in a dark ops center.

Qilin ransomware deploys Linux binaries against Windows systems

Lisa Kern. Image generated by AI

The Qilin ransomware group, also known as Agenda, has developed a hybrid attack using Linux payloads on Windows hosts to evade detection. By abusing legitimate remote management tools and exploiting vulnerable drivers, attackers disable defenses and target backups. This cross-platform tactic highlights evolving ransomware sophistication.

Cl0p ransomware group claims breach of Oracle E-Business Suite

Reported by AI

The Cl0p ransomware group has claimed responsibility for hacking Oracle's E-Business Suite, asserting that it stole sensitive data from companies using the application. The hackers are now notifying affected victims and demanding ransoms to prevent data leaks. Oracle has not yet confirmed the breach.

Gunra ransomware exploits Windows and Linux with encryption vulnerabilities

Lisa Kern

The Gunra ransomware group, active since April 2025, targets both Windows and Linux systems worldwide through platform-specific malware variants. While the Windows version employs secure encryption, the Linux variant suffers from critical weaknesses that allow brute-force decryption. Organizations in regions like South Korea have reported infections, highlighting the group's expanding operations.

Salesforce refuses extortion demand over 1 billion records breach

Salesforce has announced it will not pay a ransom demanded by a cybercrime group claiming to have stolen around 1 billion records from its customers. The group, known as Scattered LAPSUS$ Hunters, set a deadline of Friday for payment to avoid data leaks. This stance comes amid rising global ransomware incidents and expert warnings against funding criminals.
