There are still impediments to overcome before companies and agencies can get more broadly aggressive in cyberspace, both legal and commercial.

The financially motivated threat group demonstrates deep knowledge of hybrid cloud environments, which allows it to rapidly steal sensitive data, destroy backups and encrypt systems for ransomware.

The malware, called PromptLock, essentially functions as a hard-coded prompt injection attack on a large language model, inspecting local filesystems, exfiltrating files and encrypting data.

The electronics manufacturer and software vendor serves major automotive suppliers and top tech firms.

Operation Serengeti 2.0 dismantled almost 11,500 malicious infrastructures between June and August. Officials arrested more than 1,200 alleged cybercriminals.

The State Department also announced financial rewards totaling up to $6 million for information leading to the arrest or conviction of Garantex’s leaders.

Chris Sestito, CEO of HiddenLayer Technologies

The vendor ruled out a zero-day vulnerability as the root cause, disputing initial assessments from third-party researchers. Fewer than 40 organizations have been impacted since mid-July.

Chris Butera, Acting Executive Assistant Director for CISA’s Cybersecurity Division, and Bob Costello, CIO of CISA

The Department of Homeland Security said the Russian cybercrime collective received at least $370 million in ransom payments, based on current cryptocurrency valuations.