Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Traditionally, the primary target of ransomware has been the victim's device. Palo Alto, Calif.,
The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. All they need is one successful attempt to gain initial access."
Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT services following a ransomware attack. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site.
Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data. Cybersecurity awareness training helps staff recognize phishing scams, social engineering attempts, and other threats.
“Ransomware authors who have abused previous CLFS vulnerabilities will be only too pleased to get their hands on a fresh one,” wrote Adam Barnett, lead software engineer at Rapid7. The security firm Rapid7 notes there have been a series of zero-day elevation of privilege flaws in CLFS over the past few years.
Ransomware Activity Targeting the Construction Sector Ransomware remains the biggest threat to the sector, as demonstrated by the 41% rise in organizations appearing on data-leak sites over the past year. This type of malware is designed to compromise user credentials, which are then sold on dark-web forums.
Instead, they rely on the default severity in the rule, which is often set randomly or based on an engineer’s opinion without a clear process. Detection engineering program Before diving into the program-level approach, we will first present the detection engineering lifecycle that forms the foundation of the proposed program.
The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General's Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General's Office.
Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.
Dr. Darren Williams, CEO, BlackFog: Lesser-known ransomware groups like Hunters International will grow rapidly, leveraging AI for more efficient attacks, while “gang-hopping” by cybercriminals complicates attribution and containment. This empowers them to proactively prioritize what matters most.
Hackers likely stole personal information such as names, addresses, and SSNs in a ransomware attack on Rhode Island's human services systems and are threatening to release the data as state and federal officials and Deloitte scramble to mitigate the data breach.
Key Findings First observed in March 2024, BlackLock (aka El Dorado or Eldorado) has rapidly emerged as a major player in the ransomware-as-a-service (RaaS) ecosystem. By Q4 2024, it ranked as the 7th most prolific ransomware group on data-leak sites, fueled by a staggering 1,425% increase in activity from Q3.
Federal agencies warn of rising Interlock ransomware attacks targeting healthcare and critical sectors using double extortion and advanced social engineering.
Pranita Pradeep Kulkarni, Senior Engineer in Threat Research at Qualys, has detailed a new ransomware strain dubbed NotLockBit, which mimics the notorious LockBit ransomware while introducing unique cross-platform capabilities.
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4
Red Canary uncovers Mocha Manakin, a new threat group using "paste and run" social engineering to deploy NodeInitRAT, a custom NodeJS RAT with potential ransomware links.
The cybercriminals are using social engineering techniques to gain access to target organizations by impersonating employees or contractors. “These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access,” continues the alert.
FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. Linked to BazarCall campaigns, the group previously enabled Ryuk and Conti ransomware attacks. law firms using phishing and social engineering. ” reads the alert issued by the FBI.
There's a piece in The Sunday Times today about the DragonForce ransomware incident at Marks and Spencer which caught my eye. Travelex tried saying the ransomware incident was a technical issue at first. When I covered the Capita ransomware, they quietly paid Black Basta early on. This is wrong. Travelex aren't alone.
Members of Scattered Spider are reputed to have been involved in a September 2023 ransomware attack against the MGM Resorts hotel chain that quickly brought multiple MGM casinos to a standstill. In January 2024, KrebsOnSecurity broke the news that Urban had been arrested in Florida in connection with multiple SIM-swapping attacks.
The attack aimed to deploy the PSAUX ransomware. “the threat intel search engine LeakIX reported that 21,761 vulnerable CyberPanel instances were exposed online, and nearly half (10,170) were in the United States,” reported Bleeping Computer.
” Mr. Shefel says he stopped selling stolen payment cards after being pushed out of the business, and invested his earnings in a now-defunct Russian search engine called tf[.]org. In February, he and Ermakov were arrested on charges of operating a short-lived ransomware affiliate program in 2021 called Sugar (a.k.a.
Scattered Spider is a financially motivated threat actor group known for its social engineering prowess, SIM-swapping attacks, and living-off-the-land (LOTL) techniques. The group is well known to employ social engineering tactics to gain access, so hardening your help desk is an immediate first step in defense," Staynings continued.
Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Aircraft themselves are nodes on data networks, constantly transmitting telemetry, engine performance metrics, and passenger connectivity data.
Guidebooks are also available to instruct on how to exploit the information obtained, in order to more effectively target victims through social engineering and doxxing campaigns.
Through Zyxel! Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell. Pierluigi Paganini (SecurityAffairs – hacking, newsletter)
– CVE-2025-32701 / CVE-2025-32706 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Recent Windows component bugs, previously exploited, enable SYSTEM-level privilege escalation and may support ransomware attacks. The researchers warn that the flaw could be exploited in phishing/ransomware attacks.
Then came the inevitable: a ransomware attack that encrypted patient records, forced appointment cancellations for three weeks, and ultimately cost more than $12 million in recovery costs, regulatory fines, and lost revenue. Their security team developed a solid remediation plan, but couldn't convince leadership to prioritize the fixes.
From ransomware to sophisticated state-sponsored attacks, no organization is immune. Types of Recent Cyber Attacks. Ransomware Attacks: Ransomware continues to be one of the most prevalent and damaging types of cyber attacks. These attacks often involve encrypting data and demanding a ransom for its decryption.
Cybercriminals employ social engineering techniques to trick you into believing you must resolve fictitious technical issues. The hallmark of ClickFix campaigns is their clever use of social engineering. Regularly back up your data: Frequent backups can safeguard your information against ransomware attacks and malware infections.
These threats often bypass traditional perimeter defenses due to legacy systems with poor EDR/AV coverage, air-gapped environments with outdated patching, and insider mishandling or social engineering. The report stresses implementing secure media transfer protocols and advanced scanning stations as part of basic hygiene for critical environments.
Interestingly, Twelve shares infrastructure, utilities and TTPs (Tactics, Techniques and Procedures) with the DARKSTAR ransomware group (formerly known as Shadow or COMET). This includes the use of the ngrok utility for tunneling, Radmin, AnyDesk and PuTTY for remote access, the Shamoon wiper and a leaked version of the LockBit ransomware.
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of 2024 and the first half of this year, according to data from ESET.
In this blog, we'll preview the report's highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. These methods enable unauthorized access, credential theft, and ransomware deployment, severely disrupting operations and eroding customer trust.
This incident highlights the critical vulnerability in cryptocurrency communities, where high-net-worth individuals or executives may be more prone to social engineering attacks due to the high volume of media and investor engagement they handle. Lazarus is also behind significant cryptocurrency heists, such as the $1.5
Protecting against new threats: supply chain attacks, ransomware, and deepfakes Zero Trust is built to counter modern threats like supply chain attacks, ransomware-as-a-service (RaaS), and deepfake social engineering. Ransomware-as-a-Service (RaaS): The Kaseya ransomware attack in 2021 compromised more than 1,000 businesses.
Below are details for these flaws: CVE-2025-30397 Scripting Engine Memory Corruption Vulnerability – Attackers can exploit a remote code execution bug in Edge by tricking victims into clicking a crafted link. The researchers warn that the flaw could be exploited in phishing/ransomware attacks.
Other Ways Threat Actors Exploit Human Behaviour In addition to fatigue attacks, malefactors weaponise social engineering. ” The combination of push spamming and social engineering fuels a compelling scene where the victim feels under pressure to comply.
“The average time from public disclosure to exploitation at scale is less than five days, with threat actors, ransomware groups, and affiliates quick to leverage these vulnerabilities.”
Ransomware While many ransomware attacks start with a phishing email or a stolen credential, the most damaging ones rely on network vulnerabilities to spread laterally and infect large portions of the target environment. Users must also avoid accessing sensitive information over public networks.
GorillaBot: The New King of DDoS Attacks Hidden cryptocurrency mining and theft campaign affected over 28,000 users The Mongolian Skimmer: different clothes, equally dangerous Akira and Fog ransomware now exploit critical Veeam RCE flaw Ransomware Report: Unveiling Trends in Attack Payouts and Negotiations Careful About What App Promotion Ads Recommend! (..)
You may also want to read about: Cybersecurity vs Software Engineering in 2024 The Global Rise of Cyber Threats In the past decade, cyber threats have grown in frequency, complexity, and impact. This creates a high demand for cybersecurity jobs , particularly for roles such as security analysts, network engineers, and ethical hackers.