Latest Internet & Cybersecurity News
Ransomware Victims Surge 43% in February 2026
Bitdefender reported 1,194 claimed ransomware victims from February 1-28, a 43% increase from January, driven by inflated claims from the 0APT group, which accounts for 458 victims. The Gentlemen ransomware group claimed half of Thailand's victims, using BYOVD (bring your own vulnerable driver) tactics such as ThrottleStop.sys to evade detection and purge logs.
MDR insights highlight identity-first compromises, VPN credential theft, and fileless attacks as key trends.
Europol Leads Takedown of Stronghold LeakBase Forum
Europol, the FBI, and other agencies seized LeakBase, a dark web forum with 140,000 users sharing infostealers and leaked data, following the RAMP seizure. This marks a major blow to cybercrime data-sharing platforms.
The operation underscores international efforts against underground marketplaces.
Iran-Linked Handala Claims Cyberattack on Stryker Corporation
Hacktivist group Handala, tied to Iran's Ministry of Intelligence, claimed a major attack on US medtech firm Stryker, disrupting global networks. The assault used remote wipes on Microsoft Windows devices via Intune, defacing login pages and forcing device disconnections.
No ransomware was detected, but the attack escalates tensions following US strikes on Iran.
Stryker Confirms Global Network Outage from Cyber Incident
Stryker disclosed disruptions to Microsoft systems in an SEC filing, affecting 56,000 employees across 60+ countries. Staff were instructed to disconnect devices; the recovery timeline is unclear, and Cork HQ systems were shut down.
The attack wiped laptops and phones, prompting building emergency messages.
Handala's Attack Marks First Major US Business Target
Check Point Research notes that Handala's Stryker hit is its first against a major US firm, and alarming because of the healthcare risks to patient safety. The group masquerades as pro-Iran hacktivists but is linked to state intelligence.
The attack follows the US-Israel war on Iran, under way since late February, with other groups such as Seedworm targeting US networks.
FBI Warns of Potential Iranian Drone Strikes on US West Coast
An FBI bulletin to California law enforcement warns of possible Iranian drone retaliation for US strikes. Concerns are rising amid Middle East security alerts and reports of Russian drone technology aid to Iran.
Counter-drone systems and AI monitoring are urged to prevent attacks.
Bill Clinton Warns of Escalating US-Iran Cyber War
Clinton discusses the fallout of Operation Epic Fury, including the Stryker attack and decentralized Iranian proxy operations against Western firms in energy, finance, and healthcare. He predicts surging oil prices, supply chain disruptions, and a cyber conflict that spreads without rules.
He also notes CISA staffing cuts amid the escalation.
CrowdStrike CEO on Iran's Shift to US Company Attacks
Mandiant CEO Kevin Mandia highlights Iran's escalation from ship threats to targeting Stryker and US tech firms. The attack on the medical giant underscores growing cyber risks to critical sectors.
Discussions on Fox Business emphasize the need for heightened defenses.
MDR Insights: Identity-First Attacks Dominate February
Bitdefender MDR observed VPN credential theft, remote registry access, RMM tool persistence, and firewall/RDP changes in real incidents. Fileless and in-memory execution were prevalent among threat actors.
These shifts reflect evolving tactics in cyber operations.