Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

The who, what, and why of the attack that has shut down Stryker’s Windows network

Around the same time the Stryker attack came to light, posts to a Telegram account and website controlled by Handala Hack ...