Cyfirma researchers discovered new ransomware variants called Core and BadIIS, targeting a range of industries globally. Core ransomware encrypts data, changes desktop wallpapers, and generates a ransom note. It targets mostly Windows systems and threatens permanent data loss if victims try to decrypt files without the attackers’ assistance. BadIIS, believed to be created by a Chinese-speaking group, targets IIS servers to influence web traffic by modifying HTTP response headers, showing users unauthorized and malicious content.
Threat actors are leaning on trusted services more than ever
Researchers have observed that cyber threats are now using legitimate services as part of their attack strategy. This trend highlights the growing complexity and sophistication
