News Gist .News

Articles | Politics | Finance | Stocks | Crypto | AI | Technology | Science | Gaming | PC Hardware | Laptops | Smartphones | Archive

Ransomware Payments Should Not Be Illegal

Ransomware has become a growing problem for organizations worldwide, with malware attacks being one of the most common types of security incidents. In response, proposals to make ransomware payments illegal have been gaining traction, but this approach may not be a viable solution to combat the scourge of ransomware. The moral imperative in some situations suggests that paying the ransom is a necessary evil to prevent harm to human lives.

See Also

2024 has been marked as a record-breaking year for ransomware attacks, with a 65% increase in detected groups and 44 new malware variants contributing to almost a third of undisclosed attacks. The healthcare, government, and education sectors were disproportionately affected, while emerging groups like LockBit and RansomHub accounted for a significant number of incidents, highlighting the growing sophistication of cybercriminals. As organizations face escalating financial and reputational risks, the need for proactive cybersecurity measures has never been more urgent.

The modern-day cyber threat landscape has become increasingly crowded, with Advanced Persistent Threats (APTs) becoming a major concern for cybersecurity teams worldwide. Group-IB's recent research points to 2024 as a 'year of cybercriminal escalation', with a 10% rise in ransomware compared to the previous year, and a 22% rise in phishing attacks. The "Game-changing" role of AI is being used by both security teams and cybercriminals, but its maturity level is still not there yet.

A recently discovered trio of vulnerabilities in VMware's virtual machine products can grant hackers unprecedented access to sensitive environments, putting entire networks at risk. If exploited, these vulnerabilities could allow a threat actor to escape the confines of one compromised virtual machine and access multiple customers' isolated environments, effectively breaking all security boundaries. The severity of this attack is compounded by the fact that VMware warned it has evidence suggesting the vulnerabilities are already being actively exploited in the wild.

Microsoft's AI assistant Copilot will no longer provide guidance on how to activate pirated versions of Windows 11. The update aims to curb digital piracy by ensuring users are aware that it is both illegal and against Microsoft's user agreement. As a result, if asked about pirating software, Copilot now responds that it cannot assist with such actions.

The Lee Enterprises ransomware attack is affecting the company's ability to pay outside vendors, including freelancers and contractors, as a result of the cyberattack that began on February 3. The attack has resulted in widescale outages and ongoing disruption at dozens of newspapers across the United States, causing delays to print editions and impacting various aspects of the company's operations. Lee Enterprises has confirmed that hackers "encrypted critical applications," including those related to vendor payments.

A broad overview of the four stages shows that nearly 1 million Windows devices were targeted by a sophisticated "malvertising" campaign, where malware was embedded in ads on popular streaming platforms. The malicious payload was hosted on platforms like GitHub and used Discord and Dropbox to spread, with infected devices losing login credentials, cryptocurrency, and other sensitive data. The attackers exploited browser files and cloud services like OneDrive to steal valuable information.

Apple's appeal to the Investigatory Powers Tribunal may set a significant precedent regarding the limits of government overreach into technology companies' operations. The company argues that the UK government's power to issue Technical Capability Notices would compromise user data security and undermine global cooperation against cyber threats. Apple's move is likely to be closely watched by other tech firms facing similar demands for backdoors.

Google's security measures have been breached by fake spyware apps, which are hidden in plain sight on the Google Play Store. These malicious apps can cause immense damage to users' devices and personal data, including data theft, financial fraud, malware infections, ransomware attacks, and rootkit vulnerabilities. As a result, it is crucial for smartphone users to take precautions to spot these fake spyware apps and protect themselves from potential harm.

Vishing attacks have skyrocketed, with CrowdStrike tracking at least six campaigns in which attackers pretended to be IT staffers to trick employees into sharing sensitive information. The security firm's 2025 Global Threat Report revealed a 442% increase in vishing attacks during the second half of 2024 compared to the first half. These attacks often use social engineering tactics, such as help desk social engineering and callback phishing, to gain remote access to computer systems.

Cybersecurity experts have successfully disrupted the BadBox 2.0 botnet, which had compromised over 500,000 low-cost Android devices by removing numerous malicious apps from the Play Store and sinkholing multiple communication domains. This malware, primarily affecting off-brand devices manufactured in mainland China, has been linked to various forms of cybercrime, including ad fraud and credential stuffing. Despite the disruption, the infected devices remain compromised, raising concerns about the broader implications for consumers using uncertified technology.

A company's executives received an extortion letter in the mail claiming to be from BianLian ransomware group, demanding payment of $250,000 to $350,000 in Bitcoin within ten days. However, cybersecurity researchers have found that the attacks are likely fake and the letter's contents bear no resemblance to real ransom notes. Despite this, the scammers are using a new tactic by sending physical letters, potentially as part of an elaborate social engineering campaign.

Google has informed Australian authorities it received more than 250 complaints globally over nearly a year that its artificial intelligence software was used to make deepfake terrorism material, highlighting the growing concern about AI-generated harm. The tech giant also reported dozens of user reports warning about its AI program Gemini being used to create child abuse material. The disclosures underscore the need for better guardrails around AI technology to prevent such misuse.

Reddit will now issue warnings to users who "upvote several pieces of content banned for violating our policies" within a certain timeframe, starting first with violent content. The company aims to reduce exposure to bad content without penalizing the vast majority of users, who already downvote or report abusive content. By monitoring user behavior, Reddit hopes to find a balance between free speech and maintaining a safe community.

The Department of Justice has criminally charged 12 Chinese nationals for their involvement in hacking over 100 US organizations, including the Treasury, with the goal of selling stolen data to China's government and other entities. The hackers used various tactics, including exploiting email inboxes and managing software, to gain access to sensitive information. China's government allegedly paid "handsomely" for the stolen data.

Artificial Intelligence (AI) is increasingly used by cyberattackers, with 78% of IT executives fearing these threats, up 5% from 2024. However, businesses are not unprepared, as almost two-thirds of respondents said they are "adequately prepared" to defend against AI-powered threats. Despite this, a shortage of personnel and talent in the field is hindering efforts to keep up with the evolving threat landscape.

A 37-year-old Tennessee man has been arrested for allegedly stealing Blu-rays and DVDs from a manufacturing and distribution company used by major movie studios and sharing them online before the movies' scheduled release dates, resulting in significant financial losses to copyright owners. The alleged DVD thief, Steven Hale, is accused of bypassing encryption that prevents unauthorized copying and selling stolen discs on e-commerce sites, causing an estimated loss of tens of millions of dollars. This arrest marks a growing trend in law enforcement efforts to curb online piracy.

Teens increasingly traumatized by deepfake nudes clearly understand that the AI-generated images are harmful. A surprising recent Thorn survey suggests there's growing consensus among young people under 20 that making and sharing fake nudes is obviously abusive. The stigma surrounding creating and distributing non-consensual nudes appears to be shifting, with many teens now recognizing it as a serious form of abuse.

Seagate's ongoing issues with counterfeit hard drive sales have taken a new turn, as scammers have discovered methods to manipulate Field Accessible Reliability Metrics (FARM) values, making it difficult for consumers to detect tampered devices. This latest development presents a significant challenge for Seagate and its customers, who must now find alternative ways to verify the authenticity of their purchases. The company has advised resellers to buy drives only from certified distribution partners to ensure authenticity.

AI image and video generation models face significant ethical challenges, primarily concerning the use of existing content for training without creator consent or compensation. The proposed solution, AItextify, aims to create a fair compensation model akin to Spotify, ensuring creators are paid whenever their work is utilized by AI systems. This innovative approach not only protects creators' rights but also enhances the quality of AI-generated content by fostering collaboration between creators and technology.

Britain's media regulator Ofcom has set a March 31 deadline for social media and other online platforms to submit a risk assessment around the likelihood of users encountering illegal content on their sites. The Online Safety Act requires companies like Meta, Facebook, Instagram, and ByteDance's TikTok to take action against criminal activity and make their platforms safer. These firms must assess and mitigate risks related to terrorism, hate crime, child sexual exploitation, financial fraud, and other offences.

Microsoft has confirmed that its Windows drivers and software are being exploited by hackers through zero-day attacks, allowing them to escalate privileges and potentially drop ransomware on affected machines. The company patched five flaws in a kernel-level driver for Paragon Partition Manager, which were apparently found in BioNTdrv.sys, a piece of software used by the partition manager. Users are urged to apply updates as soon as possible to secure their systems.

Zapier, a popular automation tool, has suffered a cyberattack that resulted in the loss of sensitive customer information. The company's Head of Security sent a breach notification letter to affected customers, stating that an unnamed threat actor accessed some customer data "inadvertently copied to the repositories" for debugging purposes. Zapier assures that the incident was isolated and did not affect any databases, infrastructure, or production systems.

The US Treasury Department announced it will not enforce an anti-money laundering law requiring the disclosure of beneficial owners, citing concerns for low-risk entities and small businesses. This decision comes amid repeated legal challenges to the Biden-era Corporate Transparency Act, which aims to combat illicit funds laundering in the United States. The act's supporters argue that its abandonment undermines efforts to tackle money laundering.

A U.S.-based independent cybersecurity journalist has declined to comply with a U.K. court-ordered injunction that was sought following their reporting on a recent cyberattack at U.K. private healthcare giant HCRG, citing a lack of jurisdiction. The law firm representing HCRG, Pinsent Masons, demanded that DataBreaches.net "take down" two articles that referenced the ransomware attack on HCRG, stating that if the site disobeys the injunction, it may face imprisonment or asset seizure. DataBreaches.net published details of the injunction in a blog post, citing First Amendment protections under U.S. law.

Organizations are increasingly grappling with the complexities of data sovereignty as they transition to cloud computing, facing challenges related to compliance with varying international laws and the need for robust cybersecurity measures. Key issues include the classification of sensitive data and the necessity for effective encryption and key management strategies to maintain control over data access. As technological advancements like quantum computing and next-generation mobile connectivity emerge, businesses must adapt their data sovereignty practices to mitigate risks while ensuring compliance and security.