Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files
Article Link: https://www.darkreading.com/threat-intelligence/flaw-hacktivist-ransomware-victims-decrypt-files
- Researchers found a flaw in a hacktivist ransomware strain that lets some victims unlock their files without paying, because of how the malware handles its encryption process.
- The ransomware stores key information on the infected system in a way defenders can reconstruct, allowing recovery without contacting the attackers.
- Investigators observed that while the group promoted its activity loudly, the ransomware itself re-used common methods and showed technical gaps.
- The incident shows that attacker tools are not flawless either, and that careful defensive analysis can uncover cracks in the ransomware itself, giving blue teams a rare chance to turn the tables without escalating the fight.
Initial Access Brokers Involved in More Attacks, Including on Critical Infrastructure
Article Link: https://www.cybersecuritydive.com/news/initial-access-brokers-check-point/807315/
- A new analysis from Check Point shows that initial access brokers are playing a larger role in modern attacks by selling early network entry points to other threat actors.
- The report explains that this trade has shifted from a side activity into a steady business model, allowing attackers to skip reconnaissance and move straight into exploitation.
- Researchers observed that brokered access is now used by both criminal groups and state-aligned actors that are pursuing longer-term objectives.
- Check Point notes that limiting this activity depends on implementing timely updates, tighter authentication, and closer monitoring of unusual login patterns.
- Link to Check Point’s Report: https://blog.checkpoint.com/executive-insights/cyber-threats-to-the-u-s-what-policymakers-need-to-know-for-2026/
New Research Uncovers the Alliance Between Qilin, DragonForce and LockBit
Article Link: https://cybersecuritynews.com/new-research-uncovers-the-alliance-between-qilin/
- New research reveals that three major ransomware groups announced an alliance in 2025, with DragonForce publicly posting about coordination with Qilin and LockBit on an underground forum.
- The coalition formed as pressure from law enforcement disrupted infrastructure and recruiting, pushing groups to cooperate rather than operate independently.
- Tracking data from 2025 shows ransomware claims increased overall, while activity tied to the largest groups declined, spreading incidents across a wider set of actors.
- Researchers also found that fewer victim organizations paid ransoms in recent quarters, with typical payment amounts falling and a smaller share of victims choosing to pay.
SantaStealer Attacks Users to Exfiltrate Sensitive Documents, Credentials, and Wallet Data
Article Link: https://cybersecuritynews.com/santastealer-attacks-users/
- Researchers reported on a malware strain called “SantaStealer” that targets users to collect documents, login details, and cryptocurrency wallet information from infected systems.
- The malware spreads through deceptive downloads and installs quietly, scanning affected devices for stored credentials, browser data, and files that can be resold or reused.
- Analysis shows SantaStealer focuses on gathering information rather than causing disruption, allowing it to remain active while extracting sensitive material over time.
- Investigators say limiting exposure depends on cautious download habits, timely software updates, and attention to unexpected system behavior that may signal hidden data collection.
Coupang Data Breach Traced to Ex-Employee Who Retained System Access
Article Link: https://www.bleepingcomputer.com/news/security/coupang-data-breach-traced-to-ex-employee-who-retained-system-access/
- Coupang disclosed that a data breach affecting customer information was traced to a former employee who retained system access after leaving the company.
- Investigators found the individual was able to enter internal systems using credentials that were not disabled, allowing unauthorized access over an extended period.
- The company said the activity was detected internally and reported to regulators, with findings showing the exposure resulted from internal access gaps rather than an outside break-in.
- Coupang said it has tightened employee offboarding steps and reviewed internal permissions, showing how overlooked accounts can quietly turn into a serious business problem.
Data Breach at Credit Check Giant 700Credit Affects at Least 5.6 Million
Article Link: https://techcrunch.com/2025/12/12/data-breach-at-credit-check-giant-700credit-affects-at-least-5-6-million/
- Credit profile provider 700Credit disclosed that a data breach exposed personal information for at least 5.6 million people, making it one of the largest breaches affecting credit-related systems this year.
- The company said the exposed data included names, addresses, Social Security numbers, and other personal details tied to credit checks, although no financial account information was taken.
- 700Credit stated it discovered the breach after identifying unusual activity, then began notifying affected users and working with law enforcement and regulators.
- In its disclosure, the firm said it is reviewing its security practices and offering resources to affected people, while urging those impacted to monitor their accounts and consider protective steps.
- Link to 700Credit’s Incident Report Information: https://www.700credit.com/notice/
AI is Causing All Kinds of Problems in the Legal Sector
Article Link: https://cyberscoop.com/ai-deepfakes-causing-big-problems-in-the-legal-sector-aba-report/
- A new American Bar Association (ABA) report found that AI tools are creating growing challenges across the legal sector as deepfake audio, video, and images increasingly appear in courtrooms and legal proceedings.
- The report explains that lawyers and judges are using AI for research and document drafting, while the same technology can also be used to generate convincing fake material that complicates evidence review.
- Judges have already encountered AI-generated court filings containing incorrect citations and have faced difficulty verifying authenticity when manipulated media is presented as evidence.
- The ABA says courts and legal professionals are still working through how to manage AI use in practice, as deepfakes and automated tools raise new concerns around evidence, integrity, and trust.
- Link to the ABA’s Report and AI Task Force: https://www.americanbar.org/groups/centers_commissions/center-for-innovation/artificial-intelligence/
U.S. Charges Alleged Former Accenture Employee with Misleading Feds on Cloud Platform’s Security
- U.S. prosecutors charged an alleged former Accenture employee with misleading federal officials about the security posture of a cloud platform used by government customers.
- Court filings allege the employee provided false and incomplete statements about known issues, which affected how federal agencies evaluated the platform.
- The charges relate to statements made during required government compliance and review processes tied to federal contracting rules.
- Prosecutors say the alleged conduct occurred during interactions with federal reviewers, where disclosures about the platform were part of official assessments.
Top 10 Cyber-Attacks of 2025
Article Link: https://www.infosecurity-magazine.com/news-features/top-10-cyberattacks-of-2025/
- Infosecurity Magazine reviewed the ten most disruptive attacks of 2025, spanning ransomware, data theft, supply chain abuse, and attacks tied to geopolitical tension.
- The incidents show how attackers mixed familiar tactics with scale and timing, using known weaknesses, third-party access, and trusted platforms to reach large numbers of victims.
- Several attacks caused prolonged outages, major financial losses, or public safety concerns, showing how digital incidents increasingly spill into physical and economic consequences.
- The roundup points to a year where attackers repeatedly found success by exploiting trust relationships and speed, while defenders were often left reacting after the damage was already done.
