ransomware
About this tag
Ransomware remains a dominant threat for Windows environments, as shown by recent coverage on WindowsForum.com. Topics include the Mistic backdoor used by KongTuke for pre-ransomware stealth, DragonForce hiding C2 traffic in Microsoft Teams relays, and AI-assisted toolkits accelerating Active Directory discovery and EDR evasion. The EternalBlue exploit and its role in the WannaCry and NotPetya outbreaks are also examined, alongside broader trends like hacktivist groups adopting ransomware and the impact on cyber insurance. These discussions emphasize the importance of patching, monitoring trusted traffic, and hardening identity controls against evolving ransomware tactics.
On June 24, 2026, Broadcom’s Symantec threat hunters disclosed a new Windows backdoor called Mistic that has been used since at least April 2026 in intrusions tied to the ransomware access broker KongTuke, also known as Woodgnat. The discovery matters because Mistic is not just another commodity...
Security Affairs published Round 582 of Pierluigi Paganini’s international newsletter on June 21, 2026, collecting a week of ransomware, malware, vulnerability, data-breach, and cyber-policy stories that together show how much of today’s security crisis has moved to the exposed edge of ordinary...
Australian insurers need to understand that INTERPOL’s 2025/2026 Asia and South Pacific cyber assessment, published in 2026, depicts a regional threat environment where ransomware, DDoS, infostealers, phishing, AI-enabled scams and cross-border fraud are intensifying while cyber insurance...
On June 16 and 17, 2026, Symantec and Security Affairs reported that DragonForce ransomware operators used a custom Go backdoor, Backdoor.Turn, to hide command-and-control traffic inside legitimate Microsoft Teams relay infrastructure during an intrusion at a major U.S. services company. The...
Attackers deploying DragonForce ransomware against a major U.S. services company in December 2025 hid command-and-control traffic inside Microsoft Teams relay infrastructure using a custom Go backdoor tracked by Symantec as Backdoor.Turn. The technical novelty is not that Teams was “hacked,” but...
Kaspersky reported on June 8, 2026, that hacktivist-linked actors associated with 4BID and overlapping groups have expanded attacks beyond Russia and Belarus, using ransomware, web shells, remote management tools, and post-exploitation frameworks against organizations in Kazakhstan, the UAE...
Sophos’ June 2, 2026 report, amplified by BleepingComputer the same day, describes an AI-assisted ransomware toolkit that automated Active Directory discovery and EDR evasion testing in a Windows-heavy lab using Cursor and Claude Opus agents across coding, analysis, and revision stages. The...
EternalBlue is not just a name from a security blog — it’s one of the most consequential Windows exploits of the last decade, and understanding it is essential for anyone who manages, administers, or relies on Windows systems. In plain terms: EternalBlue is a network-level exploit that abused a...
Acronis Cyber Protect 17 lands as a major incremental release that doubles down on an aggressive one‑stop pitch: combine enterprise‑grade backup, recovery, and endpoint security into a single pane of glass and sell it to businesses that want fewer vendors and stronger ransomware resilience. This...
Set Up Controlled Folder Access to Stop Ransomware (and Allow Trusted Apps)
Difficulty: Intermediate | Time Required: 15 minutes
Controlled Folder Access (CFA) is a built-in Windows security feature designed to stop ransomware and other untrusted apps from silently modifying your important...
Arctera’s latest maintenance refresh, Backup Exec 25.1, arrives as a focused, practical upgrade that treats identity protection, Microsoft 365 resilience and ransomware-hardened storage as first-class concerns — not optional extras. The release tightens integration between identity and data...
Microsoft’s blunt reminder landed like a splash of cold water for IT teams: unmanaged, forgotten, or otherwise overlooked devices are not just an operational nuisance — they are a favoured pathway for attackers that can turn a single weak endpoint into a full-blown ransomware crisis. Microsoft’s...
Cyber extortion has moved from episodic crisis to structural risk: in the months leading into 2026 we’re seeing a sustained surge in ransomware and extortion activity driven by a volatile mix of state‑aligned operators, opportunistic criminal syndicates, politically motivated hacktivists, and...
Cohesity’s announcement that its partnership with Microsoft has driven “exceptional growth and innovation” is more than marketing rhetoric — it reflects a deliberate, product-level deepening of integration across Azure, Microsoft 365, and Microsoft Security, paired with measurable go‑to‑market...
If you want real protection without turning your PC into an island, there are a handful of settings in Windows 11 that deliver the best return on effort: stronger authentication tied to hardware, always-on endpoint defenses, ransomware-focused folder protections, and the ability to locate or...
The Louvre’s security humiliation—reports that a surveillance server could be accessed with the password “LOUVRE”—has turned a sensational daytime robbery of the Galerie d’Apollon into a wider institutional reckoning over museum cybersecurity, procurement failures and the real-world consequences...
ESET Small Business Security arrives as a compact, familiar-looking security suite that wraps ESET’s long-standing antivirus engine into a small‑business‑friendly package — but the reality beneath the polished interface is a mixture of rock‑solid lab results, practical business controls, and...
This week’s Security Affairs roundup stitches together a worrying mosaic: ransomware extortion and data-leak threats hitting critical infrastructure, proof‑of‑concept and real‑world exploits of a long‑standing Linux kernel flaw, a dramatic law‑enforcement revelation that casino card‑shufflers...
Google’s October Workspace Drop is a far-reaching push to make Gemini the connective tissue of productivity — adding cinematic video generation, presentation automation, live translation, spreadsheet-level automation, and even AI-assisted ransomware protection — a package that shifts Workspace...
Microsoft’s blunt warning landed with blunt clarity: running unsupported Windows 10 (or any unsupported OS) isn’t merely an inconvenience — it’s an open invitation to attackers. That message, amplified in consumer reporting from Kurt “the CyberGuy” and repeated across Microsoft’s security...