TRU Security

Researchers have discovered a previously unknown variant of the Gimmick malware targeting Mac systems. Gimmick is believed to be a form of spyware from a Chinese threat actor called Storm Cloud. This ongoing campaign takes aim at both macOS and Windows, and aims to be stealthy and hard to spot.

After a recent Microsoft Defender for Endpoint update, administrators started to receive multiple ransomware alerts on clean system files in relation to Office updates.

Multiple government sites in Ukraine were shut down on January 13, 2022, the result of a large-scale cyberattack by the WhisperGate malware. Microsoft Intelligence named this activity "DEV-0586" and identified it as destructive malware that used to be ransomware. Its main purpose is to disrupt the system and damage files beyond the possibility of their recovery.

Pandora ransomware has hit the Japan-based DENSO Corporation, one of the largest automotive parts manufacturers in the world. DENSO — which has more than 200 subsidiaries, almost 170,000 employees, and an annual revenue of over $44 billion — provides parts to Toyota, who just dealt with their own cyberattack, as well as Mercedes-Benz, Fiat, and others.

Video game developer Ubisoft, known for games like the Assassins Creed, Far Cry, Just Dance, and Prince of Persia series, has suffered a ransomware attack at the hands of the very active Lapsus$ ransomware gang — who also recently claimed victims like Samsung and Nvidia.

The infamous Emotet botnet was crippled by a joint task force in early 2021, but it was only a matter of months before an improved version began spreading in November. Emotet now has more than 130,000 unique bots in 179 countries around the world.

Rompetrol, the operator of Romania's largest oil refinery — which produces more than 5 million tons of oil per year — has become a victim of Hive ransomware.