#StopRansomware: Interlock Ransomware Advisory from CISA and FBI
Tuesday, January 6, 2026
Top 5 Cybersecurity Stories You Should Know
- #StopRansomware: Interlock Ransomware Advisory from CISA and FBI — tl;dr: The FBI and CISA have issued a joint advisory on Interlock ransomware, first identified in September 2024, which targets businesses and critical infrastructure in North America and Europe. This ransomware employs a double extortion model, encrypting data after exfiltration and using unique codes for ransom communication via Tor. Initial access methods include drive-by downloads and social engineering techniques like ClickFix. Organizations are urged to implement DNS filtering, patch vulnerabilities, and enforce multifactor authentication to mitigate risks associated with Interlock ransomware attacks.
  ↪ https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a
- FBI Reports Play Ransomware Breached 900 Organizations, Including Critical Entities — tl;dr: The FBI has revealed that the Play ransomware group has breached approximately 900 organizations as of May 2025, a significant increase from the 300 reported in October 2023. This ransomware-as-a-service operation has targeted critical infrastructure across North America, South America, and Europe since June 2022. Victims are pressured to pay ransoms after sensitive data is stolen, with the gang employing unique tactics such as recompiled malware and direct phone threats. Organizations are urged to update systems, implement multifactor authentication, and maintain offline backups to mitigate risks from Play ransomware attacks.
  ↪ https://www.bleepingcomputer.com/news/security/fbi-play-ransomware-breached-900-victims-including-critical-orgs/?trk=article-ssr-frontend-pulse_little-text-block
- Critical CVE-2020-11182 Affects Qualcomm Snapdragon Products — tl;dr: CVE-2020-11182 is a critical vulnerability rated 9.8 on the CVSS scale, affecting various Qualcomm Snapdragon products, including those in automotive and IoT sectors. The flaw stems from a buffer overflow due to inadequate validation of data length received from users, potentially leading to a heap overflow. This vulnerability poses significant risks, including high impacts on confidentiality, integrity, and availability. Users and organizations utilizing affected Snapdragon devices should prioritize applying patches provided by Qualcomm to mitigate potential exploitation and safeguard their systems.
  ↪ https://feedly.com/cve/CVE-2020-11182
- CVE-2024-27804: Apple Devices Vulnerable to Kernel Code Execution via Memory Bug — tl;dr: CVE-2024-27804 is a critical memory handling vulnerability in Apple devices, allowing malicious apps to execute arbitrary code with kernel privileges. This flaw affects iPhones, iPads, Macs, Apple Watches, and Apple TVs running macOS Sonoma up to 14.4. Attackers could exploit this bug to bypass security measures, steal data, or even brick devices. Apple has addressed the issue in macOS 14.5 and iOS 17.5 with improved memory handling. Users are urged to update their devices immediately to mitigate potential risks from this serious vulnerability.
  ↪ https://www.cve.news/cve-2024-27804/
- Kroll Reports 356% Surge in CVE and Zero-Day Cyber Attacks in Q4 2021 — tl;dr: Kroll's latest report reveals a staggering 356% increase in cyber attacks exploiting common vulnerabilities and exposures (CVEs) and zero-day vulnerabilities during Q4 2021. This alarming trend highlights the urgent need for organizations to enhance their cybersecurity measures. Compliance officers should ensure robust processes for monitoring and patching software vulnerabilities, as many attacks exploit known issues that remain unaddressed. With phishing still the leading infection vector, companies must prioritize continuous monitoring and consider engaging a virtual Chief Information Security Officer (V-CISO) to bolster their defenses against these rising threats.
  ↪ https://www.corporatecomplianceinsights.com/common-and-zero-day-vulnerability-cyber-incidents-tripled-in-q4-2021/