Security Affairs

JUNE 22, 2025

Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. ” reads the report published by Cybereason.

Ransomware 117

Ransomware DDOS Cybercrime Healthcare 117

Security Boulevard

FEBRUARY 19, 2025

The post CaaS Surges in 2025, Along With RATs, Ransomware appeared first on Security Boulevard. Cybercrime-as-a-Service (CaaS) now accounts for 57% of all cyberthreats, marking a 17% increase from the first half of 2024, according to Darktraces Annual Threat Report.

Ransomware 104

Ransomware Cybercrime Threat Reports Accountability 104

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. You can find the full 2025 State of Malware report here.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Below is an exhaustive list of key cybersecurity trends to watch out for in 2025. Supply Chain Security on the Rise In 2025, the supply chain will remain a major cybersecurity risk.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Security Affairs

MAY 25, 2025

Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing 21.2M From May 19 to 22, 2025, Operation ENDGAME, coordinated by Europol and Eurojust, disrupted global ransomware infrastructure. They allegedly provided or operated tools used in major ransomware attacks.

Ransomware 126

Ransomware Cybercrime Malware Cryptocurrency 126

The Last Watchdog

MAY 13, 2025

Four days of packed session tracks and face-to-face discussions with industry leaders pointed to a clear reality: a large majority of ransomware victims lack effective response plans, and even more security professionals have doubts about their organizations readiness for zero-day attacks. Top 5 Cybersecurity Imperatives from RSAC 2025 1.

Architecture 130

Architecture Risk Cybersecurity Cyber Attacks 130

Lohrman on Security

MARCH 2, 2025

Ransomware attacks hit another record in 2024, and attacks in 2025 are not slowing down. So whats new and what can we learn about ransomware as we move forward?

Ransomware 211

Ransomware 211

Security Affairs

MARCH 30, 2025

The Walmart-owned membership warehouse club chain Sams Club is investigating claims of a Cl0p ransomware security breach. This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. Walmart owned Sams Club has allegedly been breached by Clop Ransomware.

Ransomware 117

Ransomware Data breaches Software Hacking 117

Security Affairs

MAY 14, 2025

Microsoft Patch Tuesday security updates for May 2025 addressed 75 security flawsacross multiple products, including five zero-day flaws. – CVE-2025-30400 – Microsoft DWM Core Library Elevation of Privilege Vulnerability This recently exploited privilege escalation bug, patched again, allows SYSTEM-level code execution.

Engineering 100

Engineering Ransomware Phishing Hacking 100

The Last Watchdog

MARCH 28, 2025

Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Traditionally, the primary target of ransomware has been the victims device. Palo Alto, Calif.,

Antivirus 147

Antivirus Ransomware Social Engineering Engineering 147

Security Affairs

JUNE 6, 2025

A joint advisory from the US and Australian authorities states that Play ransomware has hit approximately 900 organizations over the past three years. In December 2023, CISA, the FBI, and ACSC warned of Play ransomware’s operation that hit 300 victims by October 2023. ” The Play ransomware group follows a double extortion model.

Ransomware 97

Ransomware Encryption Antivirus Malware 97

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government 126

Government Hacking Ransomware Manufacturing 126

The Hacker News

MAY 6, 2025

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) it was what fueled them. According to the 2025 DBIR, third-party involvement in breaches doubled

Data breaches 103

Data breaches Ransomware 103

Security Affairs

MARCH 7, 2025

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.

Ransomware 63

Ransomware Antivirus Healthcare Encryption 63

Security Boulevard

MARCH 30, 2025

UK Cybersecurity Weekly News Roundup - 31 March 2025 Welcome to this week's edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. As digital transformation accelerates, public infrastructure like energy and healthcare face increasing exposure to ransomware and espionage.

Cybersecurity 82

Cybersecurity Digital transformation Healthcare Ransomware 82

SecureList

DECEMBER 16, 2024

Verdict: prediction not fulfilled Our predictions for 2025 Data breaches through contractors When abusing company-contractor relationships (trusted relationship attacks), threat actors first infiltrate a supplier’s systems and then gain access to the target organization’s infrastructure or data. times compared to 2023.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 70

Ransomware Encryption Cryptocurrency Insurance 70

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency. No ransomware group has claimed responsibility for this attack.

Ransomware 117

Ransomware Government Internet Internet 117

Security Affairs

MARCH 10, 2025

Microsoft researchers reported that North Korea-linked APT tracked as Moonstone Sleet has employed the Qilin ransomware in limited attacks. Microsoft observed a North Korea-linked APT group, tracked as Moonstone Sleet, deploying Qilin ransomware in limited attacks since February 2025. ” Microsoft wrote on X. .

Ransomware 119

Ransomware Healthcare VPN Malware 119

SecureList

MAY 15, 2025

Percentage of ICS computers on which malicious objects were blocked, Q1 2022Q1 2025 In JanuaryMarch 2025, the figures were the lowest compared to the same months of the previous four years. In Q1 2025, the percentage of affected ICS computers ranged from 10.7% Threat levels in different regions still vary.

Spyware 88

Spyware Phishing Internet Internet 88

SecureWorld News

APRIL 23, 2025

In its 17th edition, Verizon's 2025 Data Breach Investigations Report (DBIR) continues to deliver one of the most comprehensive analyses of cyber incidents worldwide. Public Sector: DoS attacks and ransomware remain major concerns. Manufacturing: IP theft and ransomware are top risks; OT/ICS systems still lag in basic controls.

CISO 99

CISO Ransomware Backups Risk 99

The Hacker News

MAY 8, 2025

Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented.NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024.

Ransomware 116

Ransomware Cyber Attacks Malware 116

Security Affairs

MAY 8, 2025

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend infrastructure of their dark web site. Hackers compromised the dark web leak site of the LockBit ransomware gang and defaced it, posting a message and a link to the dump of the MySQL database of its backend affiliate panel.

Ransomware 109

Ransomware Data breaches Hacking Accountability 109

Security Affairs

APRIL 25, 2025

The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. On April 18, 2025 , the company announced it is currently investigating and addressing a recent cybersecurity incident that has temporarily disrupted certain internal operations. DaVita Inc.

Ransomware 100

Ransomware Encryption Insurance Marketing 100

Security Affairs

JUNE 6, 2025

Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices. “Phantom Mantis recently launched a coordinated intrusion campaign targeting multiple organizations between May and June 2025. . ” reads the report published by PRODAFT.

Ransomware 77

Ransomware Authentication Healthcare Firewall 77

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. Investigations are ongoing to assess the impact and source of the attack.

Ransomware 103

Ransomware Hacking Social Engineering Manufacturing 103

Security Affairs

MARCH 18, 2025

Last week, researchers at Forescout Research Vedere Labs reported that between January and March, threat actors exploited two Fortinet vulnerabilities to deploy the SuperBlack ransomware. The experts speculate Mora_001 could be linked to the LockBit ecosystem, reflecting the growing complexity of ransomware operations.

Authentication 116

Authentication Ransomware Firewall Hacking 116

Security Affairs

MAY 13, 2025

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. million euros.” million euros.”

Ransomware 108

Ransomware Cybercrime Malware Banking 108

SecureWorld News

FEBRUARY 5, 2025

The State of Cybersecurity in Canada 2025 report, published by the Canadian Cybersecurity Network (CCN) and the Security Architecture Podcast , delivers an in-depth analysis of the evolving threat landscape, emerging risks, and strategic recommendations for Canadian organizations. Key findings: the cyber threat landscape in 2025 1.

InfoSec 73

InfoSec Cybersecurity Energy and Utilities Cyber Insurance 73

Zero Day

JUNE 6, 2025

X Trending Memorial Day tech sales 2025 Memorial Day TV sales 2025 Memorial Day lawn & outdoor sales 2025 Memorial Day phone sales 2025 Memorial Day health tracker sales 2025 Memorial Day headphone sales 2025 Memorial Day laptop sales 2025 Best CRM software of 2025 Best small business CRM software of 2025 Best free website builders of 2025 Best (..)

Password Management 128

Password Management Passwords Identity Theft Artificial Intelligence 128

Security Affairs

MAY 27, 2025

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. Sophos researchers reported that a DragonForce ransomware operator exploited three chained vulnerabilities in SimpleHelp software to attack a managed service provider.

Ransomware 105

Ransomware Software Retail Data breaches 105

Penetration Testing

JUNE 20, 2025

Tracked as CVE-2025-4322 and rated CVSS 9.8, Tracked as CVE-2025-4322 and rated CVSS 9.8, Following the public disclosure on May 19, threat actors began targeting vulnerable sites almost immediately, with mass exploitation observed beginning on June 7th, 2025.

Passwords 68

Passwords Accountability Penetration Testing Firewall 68

Security Boulevard

JUNE 12, 2025

AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-352A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the Play Ransomware group, identified through FBI investigations as recently as May 2025.

Ransomware 64

Ransomware 64

Digital Shadows

FEBRUARY 17, 2025

Key Findings First observed in March 2024, BlackLock (aka El Dorado or Eldorado) has rapidly emerged as a major player in the ransomware-as-a-service (RaaS) ecosystem. By Q4 2024, it ranked as the 7th most prolific ransomware group on data-leak sites, fueled by a staggering 1,425% increase in activity from Q3.

Ransomware 83

Ransomware Malware Risk Accountability 83

Security Affairs

MARCH 26, 2025

Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site (DLS) of BlackLock Ransomware. BlackLock Ransomware was named as one of the fastest-growing ransomware strains for today.

Ransomware 78

Ransomware Cybersecurity Healthcare Accountability 78

Security Boulevard

JUNE 10, 2025

Traditional cybersecurity awareness […] The post AI Ready: The Complete Guide to AI-Powered Cybersecurity Training in 2025/2026 appeared first on CybeReady. The post AI Ready: The Complete Guide to AI-Powered Cybersecurity Training in 2025/2026 appeared first on Security Boulevard.

Cybersecurity 69

Cybersecurity Cyber Attacks Security Awareness Phishing 69

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at Forescout Research Vedere Labs observed a threat actors exploiting two Fortinet vulnerabilities to deploy the SuperBlack ransomware. SuperBlack modifies LockBit 3.0s

Firewall 67

Firewall Ransomware VPN Encryption 67