#ransomware

#ransomware

Miljödata runs HR, sick leave, and incident reporting systems for approximately 80 percent of Sweden's municipalities, making it a juicy single point of failure. Over the weekend, those systems went dark, leaving councils from Gotland and Halland to Karlstad and Skellefteå unable to access key services. Miljödata CEO Erik Hallén confirmed on August 25 that the disruption was the result of a cyberattack that had affected 200 of Sweden's 290 municipalities.

Two alleged Taiwanese clients of a Chinese ransomware group behind attacks on the Mackay Memorial Hospital and other targets in Taiwan have been arrested and released on bail. According to a Ministry of Justice Investigation Bureau, between February and March, the group CrazyHunter used ransomware to attack hospitals, publicly listed companies, and academic institutions, per CNA. Victims who refused to pay ransoms informed the bureau's Taipei field office.

AI isn't just helping white-collar workers be more productive - it's also aiding white-collar criminals. Anthropic said in a Wednesday report that it detected and thwarted cybercriminals attempting to carry out hacks using the startup's AI tool, Claude. While AI has been used in hacking efforts for years, Anthropic said advances in the technology mean it's being used to "perform" cyberattacks throughout the entire operation - and with smaller teams.

Ransomware is malicious code designed to lock you out of your own data, typically by encrypting files or entire systems and then demanding payment, usually in cryptocurrency, to restore access. Victims are left with impossible choices: pay the ransom and hope the attacker delivers the key, or lose access permanently, sometimes along with the public exposure of stolen data. This isn't just about frozen spreadsheets or lost vacation photos.

"The Company is working diligently to restore the affected systems," the manufacturer said in a Form 8-K filed with the US Securities and Exchange Commission yesterday. The ransomware attack "temporarily impacted the Company's operations, including internal/external communications, shipping, receiving, manufacturing production, and various other support functions," it continued. Data I/O also claims that, while it has restored some of its functions, others remain offline, with no timetable for a fix. An investigation is ongoing.

Warlock, the emergent cyber crime gang that claims it is holding UK network and telecoms services provider Colt's data to ransom, appears to have hit multiple other victims in the past few weeks, it has emerged. This is according to data supplied through the open source RansomLook.io information service, which is currently tracking 475 ransomware gangs across hundreds of dark web forums, markets and other channels. Warlock has claimed a total of 22 new victims since since 16 August, according to the data.

"The company's preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the company's systems," Inotiv says.

The existence of the exploit was first reported last week by vx-underground, which said it was released by Scattered Lapsus$ Hunters, a new fluid alliance formed by Scattered Spider and ShinyHunters.

"What you mentioned around, you know, data being leaked, that's vital intelligence for law enforcement, for threat researchers, and that's the big takeaway from a lot of these takedowns, I guess. In the wake of that, you're seizing domains, you're seizing servers, you're getting really valuable information on how these organizations work."

Recovery isn't a last resort - it's a strategy. The organizations that plan and rehearse their recoveries are the ones that come through an attack strongest.

The reality of today's threat landscape demands a holistic approach to cyber resilience, which requires organizations to do more than just prevent attacks.

The data dump from a ransomware group, labeled under a medical practice, actually contained files from a tax preparation service named Lacerte, not any patient data or office files.

Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend on. That's why we're determined to smash the cyber criminal business model and protect the services we all rely on as we deliver our plan for change.

Japanese authorities released a free decryptor for ransomware, enabling victims to recover files without payment. This software targets Phobos and 8Base ransomware families.

Alaska Airlines has grounded its fleet due to an unspecified IT issue, affecting operations and leading to a temporary ground stop across its network.

Ransomware-as-a-Service (RaaS) allows inexperienced threat actors to launch large-scale attacks, exfiltrate sensitive data, and disable recovery infrastructure, pushing businesses to reassess their strategies.

The integration combines Scale Computing's Hypercore platform with Bitdefender's GravityZone to secure workloads, virtual desktops, and data in edge environments.

Since May 2025, activity related to the Interlock RAT has been observed in connection with the LandUpdate808 (aka KongTuke) web-inject threat clusters.