Gunra ransomware was first observed in April 2025 in a campaign that targeted Windows systems using techniques inspired by the infamous Conti ransomware.
Trend Micror monitoring of the ransomware landscape revealed that threat actors behind Gunra have expanded with a Linux variant, signaling a strategic move toward cross-platform targeting. The novel ransomware group has already made headlines after allegedly leaking 40 terabytes worth of data from a victim hospital in Dubai in May this year. Trend’s threat intelligence data detected activity from Gunra ransomware in enterprises from Turkiye, Taiwan, the United States, and South Korea.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- IoT Flaw Allows Hijacking of Connected Construction Cranes
October 30, 2018
An attacker can send spoofed commands to the crane’s controller. A connected construction crane, from Telecrane, has a vulnerability that would allow cyberattackers to intercept its communications and take the equipment over. The internet of things (IoT) continues to add new types of objects to its footprint, as industries start leveraging connectivity to increase productivity, accuracy and ...
- Dead Web Apps Haunt 70 Percent of FT 500 Firms
October 30, 2018
Abandoned web applications used by FT 500 Global Companies have exploitable flaws and weaknesses. A study of abandoned websites owned by leading global corporations hammers home the point that old web applications need to be properly mitigated or retired. Otherwise, these resources often haunt a firm long after they have been forgotten. Researchers at High-Tech Bridge used ...
- New Privilege Escalation Flaw Affects Most Linux Distributions
October 26, 2018
An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It ...
- Unusual Remote Execution Bug in Cisco WebEx Discovered by Researchers
October 25, 2018
While remote code execution vulnerabilities are pretty common, a new one discovered in Cisco’s WebEx online and video collaboration software is definitely different. That is because users can remotely execute commands through a component of the WebEx client even when WebEx does not listen for remote connections. Remote code execution vulnerabilities are bugs that allow a users ...
- StrongPity APT Changes Tactics to Stay Stealthy
October 23, 2018
After being exposed, the APT made minor adjustments in their tactics to stay off the security radar. The APT group behind the sophisticated malware known as StrongPity (a.k.a. Promethium) has changed its tactics, after various research groups analyzed the malware and exposed its methods of deployment. The efforts have allowed the group to return to hidden ...
- Two Critical RCE Bugs Patched in Drupal 7 and 8
October 20, 2018
Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting Drupal 7 and Drupal 8. Developers have also identified three additional “moderately critical” vulnerabilities. “A remote attacker could exploit some of these vulnerabilities to take control of an affected system,” according to a security bulletin posted by the United States ...