Malware

Malvertising Campaign Abuses Google Ads to Target Advertisers

Researchers at Malwarebytes are tracking a major malvertising campaign that’s abusing Google Ads to target individuals and businesses interested in advertising. The threat actors are using compromised Google Ads accounts to run ads that impersonate Google, leading victims to a fake Google login page designed to steal their credentials.

CrowdStrike Researchers Explore Contrastive Learning to Enhance Detection Against Emerging Malware Threats

The process of crafting new malware detection features is usually time-consuming and requires extensive domain knowledge outside the expertise of many machine learning practitioners. These factors make it especially difficult to keep up with a constantly evolving threat landscape. To mitigate these challenges, the CrowdStrike Data Science team explored the use of deep learning to automatically generate features for novel malware families.

Introducing CelesTLSH: Advanced Malware Detection with Fuzzy Hashing

We are excited to announce the integration of the CelesTLSH Malware Scanner into the LimaCharlie ecosystem. Developed by Magonia Research, CelesTLSH enhances your security operations by scanning files collected via the BinLib extension. It identifies known malware and threat actor tools through advanced fuzzy hashing techniques.

The New Face of Ransomware: Key Players and Emerging Tactics of 2024

As we step into 2025, the high-impact, financially motivated ransomware landscape continues to evolve, shaped by a combination of law enforcement actions, shifting affiliate dynamics, advancements in defensive approaches, and broader economic and geopolitical influences. While 2024 also saw the continued use of ransomware for non-financial purposes, such as drawing attention away from other activities, financial motives remained at the forefront of the overall ransomware landscape.

Cl0p Ransomware's Reign of Cyber Extortion: Analyzing the Recent Cleo Software Exploits

In the context of ongoing cyber risk assessment, ransomware is one of the most commercial and destructive forms of cybercrime. Amidst the ocean of crime groups within cyberspace, the Cl0p ransomware syndicate is one of the more refined and persistent threats. This group of cyber-thieves has made notorious headlines with aggressive forms of extortion and campaigns.

The Anatomy of Akira Ransomware: Is Your Organization Safe? Learn Threats, Exploits, and Safeguards

Akira ransomware is a destructive malware that has ravaged industries since its discovery in March 2023. The operations have mostly targeted businesses in North America, the UK, and Australia. Akira employs a double-extortion tactic: it not only encrypts the victim's data but also exfiltrates it, and subsequently threatens to leak it on the internet unless the ransom demand is met.

Ransomware Gangs Claimed More Than 5,000 Attacks in 2024

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest Ransomware Roundup report. The average ransom demand was more than $3.5 million, and the average ransom paid was $9.5 million. Many of these attacks involved data theft extortion, leading to the breach of nearly 200 million records.

Insights from the Codefinger Ransomware Attack: A Wake-Up Call for IT Leaders

The recent Codefinger ransomware attack has sent shockwaves through the IT community, specifically targeting businesses relying on AWS S3 storage services. This breach highlights the importance of prioritizing security “best practices” to protect even the most reliable platforms.