A new ransomware operation known as Kyber has emerged. Their first and current only posted victim is L3Harris, a major defense contractor in the United States. The operators have provided a timer that ends around 6 PM EST on Sunday, October 19. The group claims to have stolen over 300 GB of data…
The first samples of the new(ish) White Lock ransomware began emerging towards the end of September. The earliest compilation time stamp of the four samples currently on MalwareBazaar, Triage, and VirusTotal is September 29, 2025. It has all the hallmarks of traditional crypto-ransomware: kills anti…
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/dan0n The dAn0n Hacker Group, or dAn0n, was first observed in the Spring of 2024. They posted their first victim on their simultaneous dark web and clear net data leak site on March 26. The dAn0n group is often lumped in with…
The UK has taken one of the most decisive steps yet in the global fight against ransomware. Following a summer of attacks that disrupted healthcare, retail, and legal services, the government has confirmed that a targeted ban on ransom payments and a universal reporting requirement will become law…
Let’s stop pretending this is new. It is 2025. We have had years, decades of advice, warnings, and horror stories about password security. And still, people are reusing passwords like it is 2005. We are not talking about random Internet users, either. We are talking about businesses, infrastructure…
Sometimes supposedly small things make a huge difference. This can also be true in cyber security configurations. In recent weeks, multiple partners described very similar cyber attacks their customers faced, and in some cases, the criminals were unfortunately even successful in compromising…
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/nailaolocker Analysis for NailaoLocker was first unveiled by researchers from the Orange Cyberdefense CERT and Trend Micro in mid-February 2025. In addition to a technical analysis of the NailaoLocker, it also included analyses…
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/yashma Note: This page is dedicated to the Yashma (Chaos v6.0) ransomware builder and does not reflect any encryptors created from the builder. Note: This is the second iteration of the Chaos ransomware builder series. For…
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/chaos-v50 Note: This page is dedicated to the Chaos v5.0 ransomware builder and does not reflect any encryptors created from the builder. Note: This is the second iteration of the Chaos ransomware builder series. For preliminary…
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/chaos-v40 Note: This page is dedicated to the Chaos v4.0 ransomware builder and does not reflect any encryptors created from the builder. Note: This is the second iteration of the Chaos ransomware builder series. For preliminary…