https://cybercrime.club/tags/incident-anatomy/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSun, 07 Jun 2026 10:00:00 -0400https://cybercrime.club/deep-dives/anatomy-interlock-ransomware-clickfix-to-cisco-zero-day/Sun, 07 Jun 2026 10:00:00 -0400https://cybercrime.club/deep-dives/anatomy-interlock-ransomware-clickfix-to-cisco-zero-day/For a year, the surest way to get hit by Interlock was to paste a command into your own Run dialog. On January 26, 2026, the group stopped waiting for users to make mistakes and started exploiting a pre-auth, root-level Cisco firewall zero-day instead. The same crew now runs both ends of the sophistication ladder — and that should change how you model initial access.