‘Spearwing’ RaaS Group Ruffles Feathers in Cyber Threat Scene
Summary: The Medusa ransomware has emerged as a prominent tool for the threat group known as “Spearwing,” which has targeted nearly 400 victims since 2023. Their ransom demands can range from 0,000 to million, and they employ tactics such as double extortion to pressure victims. The group exploits unpatched vulnerabilities, particularly in Microsoft Exchange Servers, to gain access to networks and conduct attacks.…
Bosowa Berlian Motor Allegedly Breached
Summary: A recent dark web post claims that PT Bosowa Berlian Motor has suffered a significant data breach, involving the compromise of its database and website source code. The exposed data reportedly exceeds 5 GB, including SQL database files and a large number of tables. This incident raises concerns about the security of sensitive information related to one of Indonesia’s major automotive companies.…
Security Implications of Low-Code/No-Code Platforms: The Unseen Cyberwar
This article provides a thorough analysis of the security vulnerabilities associated with low-code/no-code (LCNC) platforms, exposing architectural flaws and real-world breaches. It outlines case studies involving significant breaches such as Microsoft Power Apps and Airtable, highlighting the negligence of platform providers. A call to action for stronger security practices and vendor accountability concludes the report.…
Canadian intelligence agency warns of threat AI poses to upcoming elections
Summary: Canada’s Communications Security Establishment (CSE) warns that hostile actors may misuse AI tools to disrupt upcoming elections, although the integrity of democratic processes is deemed unlikely to be fundamentally undermined. The report highlights the theft of vast data on politicians and citizens by China, which enhances interference capabilities.…
Medusa Ransomware Attacks Increase
Summary: The Medusa ransomware has seen a significant rise in attacks, doubling in early 2025 compared to the previous year, according to Symantec. Utilizing a ransomware-as-a-service model, it targets various sectors globally while employing double-extortion tactics. With ransoms demanded between 0,000 and million, Medusa exploits vulnerabilities in systems like Microsoft Exchange and VMware ESXi.…
Emulating the Relentless RansomHub Ransomware
RansomHub is a newly emerged Ransomware-as-a-Service (RaaS) operation targeting organizations globally, implementing a double-extortion model that encrypts and steals sensitive data. The encryptor, written in C++ or Go, presents challenges for security analysis because it requires a password to execute. Potential links to previous ransomware groups like Knight and BlackCat/ALPHV are noted.…
CISA, FBI warn of BianLian mail scam targeting executives with 0k ransom note
Summary: Federal law enforcement agencies are alerting business executives about a scam using the name of the Russian BianLian ransomware gang to extort companies for Bitcoin payments. The scam involves letters claiming that sensitive data has been stolen, threatening publication unless ransoms are paid. The FBI and CISA urge anyone receiving such letters to report them, as the legitimacy of the connection to the actual BianLian gang remains unclear.…
Ransomware Builds Against Saudi Construction Firms
Summary: A ransomware attack by the DragonForce group has targeted Saudi construction firm Al Bawani, stealing approximately 6TB of sensitive data and highlighting increased cyber threats in the region. The attack underscores a concerning trend in which construction and real estate sectors are increasingly being targeted by cybercriminals, fueled by the proliferation of ransomware-as-a-service (RaaS) models.…
Tracking Threat Actors: How Infrastructure Analysis Reveals Cyber Attack Patterns
This article discusses methodologies for clustering and analyzing cyber threats, focusing on the infrastructure used by the Iranian group Pioneer Kitten and its connections to other threat actors, including North Korean IT workers. The emphasis is on the importance of cross-referencing diverse data sources to gain insights for long-term intelligence production.…
VMware ESXi Vulnerabilities Exploited, Patch Now
Broadcom has identified three critical vulnerabilities in VMware ESXi affecting local admin privileges, enabling code execution on the host and memory leakage. The vulnerabilities are actively exploited, posing severe risks to various VMware products, necessitating immediate updates. Affected: VMware ESXi, VMware Workstation, VMware Fusion, VMware Cloud Foundation, VMware Telco Cloud Platform

Key points:

Three critical zero-day vulnerabilities disclosed by Broadcom on March 4, 2025.…
Utsunomiya Central Clinic in Japan Suffers Ransomware Cyberattack, Potential Patient Data Breach

Date Reported: 2025-02-10
Country: JPN | Japan
Victim: Utsunomiya Central Clinic | Utsunomiya Central Clinic
Website: ucc.or.jp
Information: The Utsunomiya Central Clinic in Japan was hit by a ransomware cyberattack on February 10, 2025. There is a potential leak of personal information of patients and staff, including names, birth dates, addresses, and phone numbers.…
Toronto Zoo shares update on last year’s ransomware attack
Summary: The Toronto Zoo experienced a ransomware attack in January 2024, resulting in a data breach affecting personal and financial information of employees, volunteers, and donors. The stolen data includes names, addresses, phone numbers, email addresses, and the last four digits of credit card numbers. The attack was claimed by the Akira ransomware group, which has a history of targeting various organizations worldwide.…
Boramae Ransomware
Boramae Ransomware is a newly discovered strain aimed at Windows systems, known for its effective encryption and evasion tactics. The ransomware not only encrypts files but also leaves threat-laden ransom notes demanding payment under duress. These findings emphasize the need for robust cybersecurity measures and incident response strategies.…