InfoSecBulletin Cybersecurity for mankind
New guidance on ransomware, released during this week’s International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to law enforcement promptly and to consult more advisors before deciding to pay a ransom.
Cybersecurity experts from about 70 countries are gathering at the White House this week for the fourth International Counter Ransomware Initiative meeting. This annual event, initiated in 2021, aims to tackle recent ransomware attacks and develop new mitigation strategies.
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE
The UK and Singapore governments released voluntary guidance to help victims of ransomware attacks respond effectively and reduce the impact.
Victims are urged to report attacks and ransom demands to law enforcement and cyber insurance providers. While paying ransoms is not recommended, if victims choose to do so, they should ensure it could positively impact the situation and meets local regulations.
“External experts such as insurers, national technical authorities, law enforcement or cyber incident response companies familiar with ransomware incidents can improve the quality of decision-making,” according to the new guidance. Officials also pointed out that paying the ransom does “not guarantee access to your devices or data.”
Ransomware victims should document their incident response, decisions for mitigating the attack, and any collected data for future reviews. They must also be aware of the regulatory penalties for data breaches.
“Overall, the advice feels complete and aligned,” said Casey Ellis, founder and chief strategy officer at Bugcrowd. “The only change I would consider would be to move the record-your-decision-making to the top of the list. Dealing with these types of incidents can very easily and quickly create a fog-of-war effect inside a ransomed organization.”
Participants at the event worked on various initiatives, such as finalizing a project on secure software and labeling principles by the U.K. and U.S. governments. They also announced the launch of an information-sharing member portal by Australia and a new U.S. government fund to enhance members’ cybersecurity capabilities.
The updated guidance was released following a joint effort by the U.S., U.K., and European governments to arrest and indict members of the Russian cybercriminal underground, including targets like LockBit and Evil Corp.
The U.K. NCSC and the White House did not immediately respond to requests for comments from Information Security Media Group.
