Emsisoft argues that paying ransoms only encourages more attacks and drives up costs, and advocates for a complete ban on ransom payments as the only viable solution to the ransomware problem.
The recent Log4j incident and the involvement of the White House underscore the need for organizations to take proactive measures to enhance software supply chain security.
The official Python Package Index (PyPI) has been found to contain malicious Python projects that deploy customized backdoors with cyberespionage functionality, including file execution, file exfiltration, and the ability to take screenshots of a user’s screen, highlighting the ongoing trend of targeting open-source repositories for crypto mining operations.
UAC-0050, a threat actor active since 2020, is currently using phishing attacks to distribute the Remcos RAT malware, targeting Ukrainian and Polish entities through social engineering campaigns.
LastPass now requires users to set a master password of at least 12 characters and enhances other security settings to protect user accounts.
Ukraine’s largest mobile network carrier, Kyivstar, experiences a significant cyberattack orchestrated by the Russian military intelligence cyberwarfare unit known as Sandworm, resulting in disruptions to phone and internet services for approximately 24 million users.
