#StopRansomware: Interlock Advisory Released by CISA and FBI

Wednesday, January 21, 2026

Top 5 Cybersecurity Stories You Should Know

  1. #StopRansomware: Interlock Advisory Released by CISA and FBI
    tl;dr: CISA and the FBI have issued a joint advisory on Interlock ransomware, first detected in September 2024, targeting businesses and critical infrastructure in North America and Europe. This ransomware employs a double extortion model, encrypting data after exfiltration and using unique codes for ransom communication via Tor. Organizations are urged to enhance security measures, including DNS filtering, patch management, and multifactor authentication, to mitigate risks. The advisory details tactics, techniques, and indicators of compromise to help defenders strengthen their defenses against this evolving threat.
    https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a

  2. Everest Ransomware Claims Breach of McDonald's India, Exposing Customer Data
    tl;dr: The Everest ransomware group has claimed a significant breach of McDonald's India, alleging the theft of 861 GB of customer data and sensitive internal documents. The group published internal screenshots revealing financial reports, audit trails, and a contact database containing personal information of investors and business partners. McDonald's India has yet to respond to the claims, which include a two-day deadline for the company to act. Organizations are advised to monitor their data security measures and prepare for potential fallout from such breaches.
    https://hackread.com/everest-ransomware-mcdonalds-india-breach-customer-data/

  3. CISA Issues Guidance to Harden Communications Infrastructure Against Cyber Threats
    tl;dr: The Cybersecurity and Infrastructure Security Agency (CISA) and partner agencies have released a guide aimed at enhancing the security of communications infrastructure, particularly in light of recent cyber espionage campaigns linked to PRC-affiliated threat actors. The guidance emphasizes the importance of visibility in network monitoring and provides best practices for network engineers to strengthen defenses against exploitation. Organizations are urged to implement robust monitoring, configuration management, and hardening strategies to mitigate vulnerabilities and reduce the risk of cyber intrusions.
    https://www.cisa.gov/resources-tools/resources/enhanced-visibility-and-hardening-guidance-communications-infrastructure

  4. Critical CVE-2020-11182 Affects Qualcomm Snapdragon Products
    tl;dr: CVE-2020-11182 is a critical vulnerability with a CVSS score of 9.8, affecting various Qualcomm Snapdragon products, including those in automotive, compute, and IoT sectors. The flaw arises from a buffer overflow due to insufficient checks on data length received from users, potentially leading to a heap overflow. This vulnerability poses significant risks to confidentiality, integrity, and availability. Users and organizations utilizing affected Snapdragon devices should prioritize applying the latest patches provided by Qualcomm to mitigate potential exploitation and safeguard their systems.
    https://feedly.com/cve/CVE-2020-11182

  5. Google Gemini Flaw Exposes Private Calendar Data via Prompt Injection
    tl;dr: A security vulnerability in Google Gemini allowed attackers to exploit prompt injection through malicious calendar invites, enabling unauthorized access to private meeting data. Researchers from Miggo Security revealed that by embedding a hidden payload in calendar event descriptions, attackers could extract sensitive information without user interaction. Although the issue has been addressed, it highlights the security risks associated with AI tools and the need for organizations to implement stringent controls to prevent unauthorized data access. Enterprises should regularly audit their AI systems and review access permissions to safeguard against such vulnerabilities.
    https://thehackernews.com/2026/01/google-gemini-prompt-injection-flaw.html?m=1

