6 stories tagged with this topic.
Security researchers have identified Mistic, a stealthy backdoor malware attributed to the KongTuke initial access broker, which sells network access to ransomware groups. The malware, active since April 2026, enables long-term persistence and in-memory payload execution, evading traditional detection methods.
Thalha Jubair and Owen Flowers pleaded guilty to breaching Transport for London's systems in August-September 2024, disrupting refund services and exposing customer data. The attack forced password resets for 28,000 employees and incurred £29m in losses.
The Gentlemen ransomware operation uses at least eight variants of a custom EDR-killing utility, alongside three external tools, to bypass security products from 48 vendors before deploying ransomware or stealing data.
A trade analysis highlights five critical limitations in Microsoft 365’s built-in data protection, urging businesses to adopt third-party backup solutions for ransomware resilience, regulatory compliance, and efficient recovery.
A cyberattack on Australia’s second-largest sugar producer, Mackay Sugar, has disrupted operations, leading to delayed harvests and potential financial losses for farmers. The company is gradually restoring systems but has advised growers to hold off on harvesting until full capacity is regained.
Symantec researchers discovered DragonForce ransomware using custom Go-based malware, Backdoor.Turn, to abuse Microsoft Teams TURN relays, masking C2 communications within trusted infrastructure during a December 2025 attack on a U.S. services company.