ShrinkLocker, a recently discovered ransomware, uses BitLocker, a Windows feature, to encrypt victims’ data. The malware targets systems in Mexico, Jordan, and Indonesia, reduces the size of non-boot partitions and creates new primary partitions. It disables BitLocker encryption key protections before enabling a numerical password to encrypt data. Decrypting the data is challenging due to variables on each affected device. Kaspersky recommends robust endpoint protection, traffic logging and monitoring, and regular backups to mitigate potential attacks.

Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
The Lazarus group has launched sophisticated attacks on South Korean web servers, deploying ASP-based web shells as first-stage Command and Control (C2) servers. These attacks,