By Ashwani Mishra, Editor-Technology, 63SATS
Cyber threats continue to escalate across industries. 66% of cloud storage buckets contain sensitive data, making them prime targets for ransomware attacks. WhatsApp groups are exposing users to identity theft and scams, while Microsoft warns of StilachiRAT, a stealthy remote access trojan designed for cyber espionage.
BlackLock ransomware emerges as a rebranded Eldorado, escalating attacks across sectors. Meanwhile, a cyberattack cripples Cherokee County schools, disrupting education. In a major tech move, Google is in talks to acquire cybersecurity startup Wiz for $30 billion, signalling a growing focus on cloud security dominance.
Cloud Storage at Risk: 66% of Buckets Contain Sensitive Data
A Palo Alto Networks Unit 42 report reveals that 66% of cloud storage buckets contain sensitive data, leaving them vulnerable to ransomware attacks.
Researchers warn that cybercriminals exploit cloud providers’ security controls to launch sophisticated attacks. Security experts have demonstrated multiple ways to encrypt cloud data using Amazon S3’s native encryption (SSE-C) and AWS KMS keys, making ransomware easier to execute with AI-generated scripts. As attackers refine their techniques, enterprises must adopt advanced encryption monitoring and proactive threat intelligence to safeguard cloud assets from automated ransomware infiltration.
WhatsApp Groups: A Growing Cybersecurity Threat
A cybersecurity expert warn that WhatsApp groups are a major source of personal data leaks as reported by Free Malaysia Today. Users unknowingly expose their names, phone numbers, and locations, making them easy targets for phishing scams and fraud.
According to Ian Tan of Heriot-Watt University Malaysia, group chats—especially in housing societies, workplaces, and large communities—provide cybercriminals with direct access to victims’ contact details. Hackers use this information for spam calls, identity theft, and targeted scams. Experts urge users to limit group visibility, avoid sharing sensitive details, and regularly audit group members to minimize security risks on messaging platforms.
Microsoft Uncovers New Remote Access Trojan (StilachiRAT)
Microsoft has detected a new remote access trojan (RAT), StilachiRAT, designed to evade detection and steal sensitive data. While not yet widespread, Microsoft has publicly shared indicators of compromise to help organizations protect themselves. StilachiRAT uses advanced persistence techniques to extract credentials, digital wallet information, and clipboard data.
It can also scan system hardware, detect active RDP sessions, and monitor running applications, making it a highly sophisticated cyber espionage tool. Security experts urge enterprises to update defenses, monitor suspicious activity, and restrict unauthorized remote access to minimize exposure to emerging threats.
BlackLock: The Evolution of a Notorious Ransomware Group
Cyber researchers have confirmed that BlackLock is a rebranded version of Eldorado, a ransomware-as-a-service (RaaS) group forced underground due to law enforcement scrutiny. Since reemerging, BlackLock has executed 48 attacks in two months, with construction and real estate firms among its top targets.
BlackLock employs fast encryption speeds, renames files with randomized extensions, and demands ransom through a note titled “HOW_RETURN_YOUR_DATA.TXT.” The group has also deployed destructive wipers against government agencies, increasing its threat level. BlackLock remains active on encrypted messaging platforms, complicating efforts to track its operations.
Cherokee County School District Hit by Cyberattack
The Cherokee County School District remains offline following a major cybersecurity breach over the weekend. The attack impacted the district’s IT systems, email, and network access, forcing officials to enforce strict security restrictions. Key disruptions include:
🔹 No WiFi or mobile hotspots for students and staff
🔹 Limited access to online learning platforms
🔹 Manual meal transactions in cafeterias
Authorities, including the FBI and State Law Enforcement Division (SLED), are investigating the breach. While the full extent of the attack remains unclear, officials are focused on restoring critical operations and assessing potential data exposure.
Google in Talks to Acquire Cybersecurity Startup Wiz for $30 Billion
Alphabet, Google’s parent company, is in advanced discussions to acquire cybersecurity startup Wiz for $30 billion, marking its largest acquisition to date. If finalized, the deal would bolster Google Cloud’s security capabilities as it competes with Microsoft and Amazon in the cloud-computing market.
Wiz, a leader in cloud security solutions, specializes in real-time risk assessment and threat detection for cloud environments. While negotiations continue, analysts view this potential acquisition as a strategic move to strengthen Google’s cybersecurity portfolio and accelerate its cloud business growth.
