The Arcus Media ransomware, launched in May 2024, targets diverse industries using advanced techniques like privilege escalation, selective encryption with ChaCha20, and backup disruption. It employs double extortion tactics by exfiltrating data and threatening public leaks. To mitigate risks, organizations should maintain offline backups, utilize robust EDR solutions, and educate employees on phishing threats.

North Korean hackers step up phishing attacks on Ukraine government
The North Korean state-sponsored cyber actor TA406 is carrying out phishing attacks and credential-stealing operations against Ukrainian government entities to gather intelligence on the Russian invasion,