Wake-Up Call as 3AM Ransomware Variant Is Discovered
Symantec says it was used in a failed LockBit attack
Symantec is a cybersecurity brand whose products and research involve malware, endpoint protection, data security, and threat detection.
Search across headline titles and summaries.
Background for this topic.
Symantec is a long-standing cybersecurity brand associated with endpoint protection, antivirus, data loss prevention (DLP), email and web security, and threat intelligence. Its enterprise security business became part of Broadcom, while its consumer security business was separated and later became part of Gen Digital. As a result, news tagged “Symantec” may concern legacy products, enterprise offerings, or historical company activity rather than a single current organization.
For security practitioners, Symantec-related coverage is most relevant to the protection and management of endpoint and data-control systems. These tools often run with elevated privileges and have broad access to files, traffic, and telemetry, so vulnerabilities, weak policy configuration, or delayed updates can create significant attack paths. Administrators should track product support and ownership changes, validate agent coverage and tamper protection, review telemetry handling for privacy and regulatory requirements, and ensure alerts and DLP events feed tested investigation and response processes.
Symantec says it was used in a failed LockBit attack
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit (aka Bitwise Spider or Syrphid) in the target network
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad
Symantec warns of mounting threat to critical infrastructure