Resilience, Attack Surface, and Exposure (RASE)

Running Aces Casino, Hotel & Racetrack experienced a Qilin-attributed ransomware intrusion that compromised its network, enabling unauthorized access and exfiltration of sensitive customer PII (names, Social Security numbers, dates of birth, and driver’s license numbers), prompting regulatory notification and remediation actions.

A ransomware attack fully encrypted the Village of Golf Manor’s computer network and all available backups, prompting the council to pass Resolution No. 2025-30 to hire third-party experts who may advise whether paying a ransom for a decryption key is in the village’s best interest, while officials state they are not currently inclined to pay.

A ransomware group known as Devman allegedly attacked the Georgia Superior Court Clerks’ Cooperative Authority, disrupting access to real estate records across Georgia and claiming theft of 500 GB of sensitive data, which has delayed closings and impacted buyers, sellers, and real estate professionals statewide.

Threat actors associated with the Qilin ransomware operation infiltrated Asahi’s Japan network through compromised equipment, exfiltrated personal and business data affecting roughly 1.5–2 million customers, employees, and related contacts, and deployed ransomware that encrypted multiple servers and PCs, causing widespread operational shutdowns and significant service disruption across Japan.

Synopsis The analysis indicates that Everest is a highly capable, financially motivated ransomware group able to maintain long-term access, conduct large-scale exfiltration of structured customer and payment data, manipulate operational records, and in some cases encrypt core systems, creating a single loss event that spans operational disruption, regulatory exposure, and widespread customer impact. This information elevates strategic decision making by forcing executives to

Akira’s campaign demonstrates a high-capability extortion threat that routinely exploits phishing, valid-account abuse, and internet-facing vulnerabilities, driving measurable strategic, operational, and financial risk with an expected loss frequency of about one event every two years and substantial potential impact on sensitive data and organizational resilience.