SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. All they need is one successful attempt to gain initial access."

Ransomware

Security Affairs

JULY 18, 2025

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware , allowing victims to recover files without paying.

Ransomware

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. And BEARHOST has been cultivating its reputation since at least 2019.

Malware

Security Affairs

JULY 9, 2025

An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. The ransomware gang is the successor to the original Pay2Key group and experts linked it to the Iran-nexus APT group Fox Kitten.

Ransomware

Security Affairs

JULY 26, 2025

An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. The BlackSuit ransomware operation has been active since April 2023. Updates and new content are noted.

Ransomware

Malwarebytes

JANUARY 10, 2025

The RansomHub ransomware group claims to have exfiltrated an enormous 1.5 Here, the ransomware group lays blame on the company itself. This isn’t rare for a ransomware group, as the tactics and vernacular are often based around shame, guilt, and a pre-teen-like arrogance. 2FA that relies on a FIDO2 device cant be phished.

Ransomware

eSecurity Planet

NOVEMBER 6, 2024

Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data. Cybersecurity awareness training helps staff recognize phishing scams , social engineering attempts, and other threats.

Ransomware

Malwarebytes

APRIL 15, 2025

The car rental giants data was stolen in a ransomware attack leveraging a vulnerability in Cleo file sharing products. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished. Watch out for fake vendors. Take your time.

Data breaches

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

Ransomware

Krebs on Security

APRIL 30, 2025

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

Identity Theft

Penetration Testing

JULY 3, 2025

airlines with ransomware, vishing, and VMware exploits—CrowdStrike warns of a rising threat across cloud identities. SCATTERED SPIDER targets U.S.

Ransomware

Security Affairs

MAY 13, 2025

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. million euros.”

Ransomware

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. ” Electrica Group advised customers to stay vigilant against potential phishing attempts and suspicious communications claiming to be from Electrica. “Initial investigations show that it was a ransomware attack.

Ransomware

SecureWorld News

JULY 8, 2025

Ransomware is no longer the work of lone-wolf hackers with deep technical chops. Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Explosive growth in ransomware attacks across every industry. The result? It starts with awareness.

Ransomware

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error. High-profile breaches illustrate the devastating impact of credential-based attacks.

Phishing

Digital Shadows

JANUARY 22, 2025

Phishing Remains Top Tactic, Fueled by Teams Abuse Figure 1: Top attack techniques in true-positive customer incidents for finance & insurance sector, H2 2024 vs H2 2023 Phishing dominated cyber attacks in H2 2024, accounting for over 90% of incidents across industries due to its simplicity and effectiveness.

Insurance

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware

Malwarebytes

JANUARY 27, 2025

In May, UnitedHealth CEO Andrew Witty estimated that the ransomware attack compromised the data of a third of US individuals when he testified before the Senate Finance Committee on Capitol Hill. The ALPHV/BlackCat ransomware group claimed the initial attack. 2FA that relies on a FIDO2 device cant be phished. Take your time.

Data breaches

The Last Watchdog

OCTOBER 23, 2024

Cybersecurity training for small businesses is critical, and SMBs should invest in training programs to help employees recognize threats such as phishing attacks, ransomware, and other malicious activities. Regular backups ensure that businesses can recover quickly from ransomware attacks or other data loss incidents.

Small Business

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business

Security Affairs

OCTOBER 22, 2024

According to the experts, the malware was developed by the TrickBot group and replaced the BazarLoader backdoor to provide initial access to the victim’s infrastructure in ransomware attacks. The malware is distributed through phishing messages using a malicious attachment or a link to the malicious archive containing Bumblebee.

Malware

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. Watch out for fake vendors. Take your time.

Data breaches

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware

eSecurity Planet

OCTOBER 22, 2024

One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users. ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications. What Are ClickFix Campaigns?

Scams

Penetration Testing

APRIL 21, 2025

Trend Micro has identified a recent campaign involving FOG ransomware, demonstrating the adaptability of cybercriminals in their attempts The post FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation appeared first on Daily CyberSecurity.

Phishing

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously enabled Ryuk and Conti ransomware attacks. FBI warns Silent Ransom Group has targeted U.S. ” reads the alert issued by the FBI.

Social Engineering

SecureWorld News

MAY 5, 2025

Companies that treat burnout like an HR issue instead of a security risk are leaving their front door wide openand ransomware gangs are walking right in. Phishing emails get through because people stop reading carefully. Ransomware gangs don't need to find a vulnerability in your firewall if they can find it in your people.

Ransomware

Security Boulevard

NOVEMBER 6, 2024

Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns.

Cybercrime

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Korean and Chinese authorities dismantled a voice phishing syndicate that caused $1.1B in losses to 1,900+ victims. The operation led to 27 arrests and 19 indictments.

Cryptocurrency

The Last Watchdog

MAY 15, 2025

Once inside, they can disrupt operations, steal or sell data, launch fraudulent transactions, or install ransomware to demand payouts. In some cases, pre-built ransomware kits complete with instructions are sold for just a few hundred dollars. That means: Training employees to recognize phishing and avoid risky behavior.

Small Business

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

eSecurity Planet

FEBRUARY 24, 2025

Over 200,000 internal messages from the notorious ransomware group Black Basta have surfaced online exposing deep divisions, ransom negotiations, and internal dysfunction. Cybersecurity experts are now poring over the data, uncovering a rare inside look at how one of the most feared ransomware groups operates and potentially unravels.

Ransomware

Malwarebytes

JUNE 19, 2025

Targeted phishing : Combining leaked data allows cybercriminals to engage in very convincing and personalized scams. Ransomware/business email compromise (BEC) attacks : Compromised business credentials facilitate network intrusions or fraudulent wire transfers. Some forms of 2FA can be phished just as easily as a password.

Identity Theft

Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Hackers in their teens and 20s allegedly carried out phishing attacks via fake text messages to steal login credentials from employees of 12 companies and individuals.

Cybercrime

Hacker's King

DECEMBER 16, 2024

From ransomware to sophisticated state-sponsored attacks, no organization is immune. Types of Recent Cyber Attacks Ransomware Attacks : Ransomware continues to be one of the most prevalent and damaging types of cyber attacks. Simulated phishing exercises can help staff become more aware of these threats.

Cyber Attacks