Tootfinder

Yet another major Korean cyber incident
Kyowon Group shuts down internal network after suspected ransomware attack
https://koreajoongangdaily.joins.com/news/2026-01-12/business/tech/Kyo…

Kyowon Group shuts down internal network after suspected ransomware attack
Kyowon Group said on Monday it had shut down parts of its internal network after detecting what it believes to be a ransomware attack and is investigating whether any customer data was compromised.

Suspected ransomware attack threatens one of South Korea’s largest companies https://therecord.media/kyowon-group-south-korea-suspected-ransomware-attack

On ransomware and under-funded GLAMs: 'At no point was the British Library particularly negligent or unprepared. Instead, it was hindered by vulnerabilities shared by the majority of cultural institutions. In this respect, the attack doesn’t just represent an isolated failure – it’s a warning to the whole sector.'

Ransomware: software que secuestra sus datos.
Randomware: software que hace lo que le da la gana y secuestra sus esperanzas.
#shitpost

Picus Security, an interesting security vendor I only recently became aware of, has a report out on the Fog Ransomware group. An easy protective control to put in place based on this group's TTPs is to block *.netlify.app. This is the domain used by Netlify's free tier apps and is being abused. Note that most legitimate business customers of Netlify will use their own domains to access Netlify apps, so blocking their free tier domain is not likely to impact your users.

So much cybersecurity news, so little time. Check out today's Metacurity for a quick run-down of the most crucial infosec developments you should know today, including
--Hackers claim to be selling Target's internal source code,
--Poland thwarted power system cyberattack,
--Hackers accessed the systems of Spanish energy provider Endesa and Energía XXI,
--Personal finance platform Betterment was hacked through third-party,
--Dutch national sentenced to sev…

Hackers claim to be selling Target's internal source code
Poland thwarted power system cyberattack, Hackers accessed the systems of Spanish energy provider Endesa and Energía XXI, Personal finance platform Betterment was hacked through third-party, Dutch national sentenced to seven years for hacking, Korea's Kyowon Group hit with ransomware, much more

»Ransomware-Angriffe in der DACH-Region steigen deutlich:
Die Bedrohung durch Ransomware wächst weiter. Kaspersky registrierte 2025 in Deutschland 384 Angriffe – ein deutlicher Anstieg im Vergleich zu 233 im Jahr 2024.«
Betreffen kann dies uns alle aber das min die E-Mails kryptografisch signiert sind wenn nicht verschlüsselt, wäre ein Punkt mehr für mehr Sicherheit und setzt nicht blind ua auf Microschrott.
🔓

Ransomware-Angriffe in der DACH-Region steigen deutlich
Die Bedrohung durch Ransomware wächst weiter. Kaspersky registrierte 2025 in Deutschland 384 Angriffe – ein deutlicher Anstieg im Vergleich zu 233 im Jahr 2024.

Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack https://therecord.media/payment-tech-provider-texas-florida-govs-ransomware-attack

CISA updated ransomware intel on 59 bugs last year without telling defenders
https://www.theregister.com/2026/02/03/greynoise_cisa_ransomware_gripe/

CISA updated ransomware intel on 59 bugs last year without telling defenders
: GreyNoise's Glenn Thorpe counts the cost of missed opportunities

More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years https://therecord.media/fincen-treasury-2-billion-ransomware-payments-report