Three employees at cybersecurity companies spent years moonlighting as criminal hackers, launching their own ransomware attacks in a plot to extort millions of dollars from victims around the country, US prosecutors allege https://t.co/uVx9DtjhqV ...

Three people, including two U.S. ransomware negotiators, are accused of working on behalf of the ALPHV/BlackCat ransomware gang. https://t.co/o2sug8dXAz ...

Core Insights - The 2025 European Threat Landscape Report by CrowdStrike indicates that European organizations represent nearly 22% of global ransomware and extortion victims, ranking second after North America [1] - Ransomware operations are accelerating, with adversary groups like SCATTERED SPIDER increasing deployment speed by 48%, resulting in an average attack duration of just 24 hours [1] Summary by Category Ransomware Impact - European organizations are significantly affected, accounting for almost 22% of global ransomware victims [1] - This positions Europe as the second most impacted region, following North America [1] Ransomware Operations - The speed of ransomware deployment is increasing, with a noted 48% rise in speed by groups such as SCATTERED SPIDER [1] - The average time taken for a ransomware attack has decreased to just 24 hours [1]

Cybersecurity Threats in Japan - A recent wave of cyberattacks has revealed significant vulnerabilities in Japanese businesses' digital defenses, raising concerns about potential disruptions to sales and supply chains [1] - In the first half of the year, there were 116 reported cases of ransomware attacks, matching a record from 2022, indicating a troubling trend in cybersecurity threats [2] Impact on Companies - Asahi Group Holdings Ltd. had to take its distribution system offline due to a ransomware attack, reverting to phone orders for its products [1] - Retailers relying on Askul Corp. lost access to their e-commerce platforms, affecting their ability to sell online [4] - The Port of Nagoya suspended operations in 2023 after a ransomware attack disrupted communication systems, highlighting the broader impact on critical infrastructure [6] Factors Contributing to Vulnerabilities - The rise of remote work post-pandemic, increased use of cryptocurrency, and advancements in artificial intelligence have made it easier for cybercriminals to operate [2] - Japan's slower adoption of digital workflows and limited English proficiency have historically acted as protective barriers, but these are diminishing as companies seek to pay ransoms [5] Corporate Cybersecurity Practices - Approximately 46% of Japanese companies have appointed a Chief Information Security Officer (CISO), significantly lower than the global average of about 70%, indicating a lack of in-house cybersecurity expertise [7] - The tendency for Japanese companies to rely heavily on system integrators has reduced their internal cybersecurity capabilities, as IT is not integrated into corporate strategy [7] Regional Cybercrime Context - Despite the recent increase in attacks, Japan's scale of cybercrime remains relatively small compared to North America, which accounted for 64% of global victims in September [8] - The Asia-Pacific region represented 12% of global cybercrime victims, but this number may rise as Japan experiences its first wave of significant cyber threats [8][9]

Core Viewpoint - A ransomware attack has disrupted the MuniOS platform, affecting the ability of state and local borrowers to post debt documents in the $4.3 trillion municipal bond market [1][2]. Group 1: Impact on Municipal Bond Market - MuniOS, operated by ImageMaster LLC, has been out of service for several days, impacting the posting of bond offering documents [1]. - Despite the outage, market participants have not reported delays in transactions, although some issuers are using alternative platforms like BondLink [2][4]. - The municipal bond market is crucial for financing infrastructure projects for states, cities, and other entities [3]. Group 2: Operational Adjustments - Issuers are resorting to traditional methods, such as sending large-file PDFs directly and making extensive phone calls to investors [4]. - The Texas Transportation Commission successfully posted documents for a $1.8 billion sale on a different platform, McElwee & Quinn LLC, and provided physical copies to investors [5]. Group 3: Cybersecurity Concerns - Ransomware attacks have become a significant concern, with recent high-profile incidents affecting various corporations [6]. - The municipal market has seen growing concerns over cyber risks, highlighted by a previous incident where a bond sale was hacked [7]. - The MuniOS platform, launched in 1999, holds a significant market share, with over 70% reported in 2017 [7]. Group 4: Regulatory Response - The Municipal Securities Rulemaking Board has advised issuers to use its EMMA website for posting preliminary official statements and other market information during the MuniOS outage [8].

Security Breach - A Russian-speaking hacker group known as Qilin claimed responsibility for a ransomware attack [1] - The ransomware attack impacted Asahi Group Holdings' operations for over a week [1]

Core Insights - Oracle Corporation has alerted its E-Business Suite customers about extortion emails following a significant hacking campaign [1][2] - The ransomware group cl0p is linked to the extortion campaign, which has been described as "high volume" by Alphabet Inc. [3] - Ransom demands from the cybercriminals have ranged from millions to tens of millions of dollars, with the highest demand reaching $50 million [4] Company Updates - Oracle has urged its clients to update their software to mitigate risks from known vulnerabilities exploited by hackers [2] - In September, Oracle appointed Clay Magouyrk and Mike Sicilia as co-CEOs, with Safra Catz transitioning to executive vice chair of the board [6] - An insider sale was executed by Naomi O. Seligman, a Director at Oracle, who sold 2,222 shares valued at approximately $641,958 [7] Industry Context - The cyberattack on Oracle's customers is part of a broader trend of high-profile hacking incidents affecting major corporations, including recent attacks on Google and TransUnion [4][5] - Google previously confirmed a data breach affecting its customers, attributed to a hacking group known as ShinyHunters [5]

Cyber Security Incident - Asahi 首次披露网络攻击者使用勒索软件使其国内啤酒厂停产 [1]

Google says hackers associated with the Clop ransomware gang are emailing executives at multiple organizations claiming to have stolen their personal information from a suite of Oracle E-Business apps. https://t.co/IehfjZw3fX ...

Executives at large organizations are being extorted by a notorious ransomware group, which claims to have stolen data from them via Oracle’s popular E-Business Suite applications, according to a Google cybersecurity executive https://t.co/SWPVpUblGA ...