Ransomware is considered by many experts to be most pressing security risk facing businesses – and its extremely lucrative for the gangs involved, with ransom payouts increasing significantly.

Research from CrowdStrike reveals that Golang-based malware increased by 80% between June and August. Cryptominers had the largest share, accounting for 70% of the total malware samples detected.

Last week, some 300 WordPress sites witnessed a wave of attacks, displaying fake encryption notices and asking for a ransom of 0.1 Bitcoin. 

The attackers are using legitimate-looking apps (such as utility apps, password managers, app launchers, or data savers), where users are lured into downloading malicious apps laden with malware. 

The malware accesses cellular webpages (payment endpoints) by mobile data and carries out unauthorized payment transactions. Additionally, it steals OTPs used as authentication for transactions.

A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software.

Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW).

The campaign appears to be targeting only employees working in the Middle East as “a single campaign” in a series of similar, SharePoint-themed phishing scams, researcher Chad Anderson wrote.

The investment, led by Coatue Management LLC with participation from existing investors Benchmark Capital, Thrive Capital, and Index Ventures, comes just four months after Stytch raised $30M Series A.

The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets’ networks.