In the ever-evolving landscape of cybersecurity threats, new players emerge with alarming frequency, and the latest to make waves is "Kill Ransomware." With a formation date in 2023, this group wasted no time in announcing its presence on the dark web, enticing skilled hackers to join its ranks. Leveraging sophisticated tactics, Kill Ransomware has swiftly executed four notable breaches, sending shockwaves through the digital realm.

The threat group "RA World" (formerly RA Group) has shifted from country-specific ransomware attacks to include specific industries via a new - not previously seen - method of extortion. I don’t like it when I hear about ransomware groups growing, but that's the case in TrendMicro’s new analysis of RA World ransomware. What was once through to be a smaller operation focused on attacks targeting organizations in South Korea and the U.S.

Info stealer malware, also known as information stealers, are a growing menace in the cybersecurity landscape. These malicious programs lurk in the shadows, siphoning sensitive data from unsuspecting victims' devices. While data breaches often grab headlines, info stealer attacks can be just as devastating, silently compromising personal information and causing significant financial losses. This blog post sheds light on the world of info stealer malware and the chilling reality of stealer logs.

Ransomware remains one of the biggest security threats in 2024. This follows a concerning resurgence in 2023, where more than $450 million in ransomware payments were reported in the first half of the year alone. The proliferation of Ransomware-as-a-Service (RaaS) and the subsequent attacks against a variety of businesses—from the smallest start-up to the most powerful multinational—reinforce what security professionals already know: ransomware is not going away.

Adware can cause performance issues and unwanted ads on your computer. Some types of adware can even collect your personal information. To protect your personal information, you need to remove as much adware from your computer as possible. To remove adware from your computer, you should back up your files, download adware removal software and remove any unnecessary programs.

Malware often hides communications with its command and control (C2) server over HTTPS. The encryption in HTTPS usually conceals the compromise long enough for the malware to accomplish its goal. This makes detecting malware that uses HTTPS challenging, but once in a while, you will catch a break, as in the case here with AsyncRAT, a Windows remote access tool that has been deployed over the past year to target organizations that manage critical infrastructure in the United States.

The 2023 ransomware attack at the University of Manchester didn’t stop once the threat actors had successfully exfiltrated the personal identifiable information (PII) for faculty and staff, plus 250 GB of other data. When the university showed hesitation toward paying the ransom, they turned to a tactic that is becoming increasingly popular among cybercriminals — triple extortion.

Detecting malware in container environments can be a major challenge due to the rapid development of malicious code, the proliferation of insecure container images, and the multilayered complexity of container stacks. Staying ahead of attackers means tracking the constant evolution of malware and rooting out threats in your codebase at the expense of considerable compute.