A new ransomware group called Alpha has emerged, establishing its Dedicated/Data Leak Site (DLS) on the Dark Web and posting data from six victims, targeting companies in various industries across the UK, US, and Israel.
Schneider Electric’s Sustainability Business division experienced a ransomware attack by the Cactus group, resulting in system encryption and data theft.
Ransomware incidents in 2023 surged by almost 70%, with a significant increase in ransomware leak sites and the fragmentation of well-known ransomware groups contributing to the rise.
State-sponsored groups have been actively exploiting two critical zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure VPNs, leading to an emergency directive for Federal Civilian Executive Branch agencies and impacting numerous organizations.
Mustang Panda, a China-based threat actor, is suspected of targeting Myanmar’s Ministry of Defence and Foreign Affairs with backdoors and remote access trojans, posing significant risks to the targeted governments and organizations.
Juniper Networks has released out-of-band updates to address high-severity vulnerabilities in its SRX Series and EX Series, including missing authentication and cross-site scripting vulnerabilities that could enable unauthorized access and execution of arbitrary commands.
