%term

Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Aug 8, 2025 By Splunk In Splunk

The Splunk Threat Research Team created a simple script tool to automatically extract the hidden stub modules from the resource entry images. This video demo shows how this tool can extract hidden payload on those images on non-corrupted.NET Loaders.

View Video

Splunk

Read more about Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Rubrik Preemptive Recovery: Explained!

Aug 7, 2025 By Rubrik In Rubrik

In the fight against ransomware, every second counts—if you're manually responding only after an attack, you could already be too late. In this video, we'll explore Rubrik's Preemptive Recovery Engine, a groundbreaking capability designed to proactively detect threats and speed up your recovery response. Unlike traditional, reactive solutions, Rubrik automatically identifies clean snapshots, pinpoints the optimal recovery points, and prepares your critical data ahead of threats—dramatically shrinking your recovery window and minimizing disruption.

View Video

Rubrik

Read more about Rubrik Preemptive Recovery: Explained!

Cybersecurity Isn't a Button You Push

Aug 7, 2025 By Rubrik In Rubrik

Too many think cybersecurity is just tools and workflows. Cyber threat intelligence expert Dustin Droullard sets the record straight: it’s complex, adaptive, and demands real critical thinking. You can’t automate instincts, and future pros need to learn how to think, not just react.

View Video

Rubrik

Read more about Cybersecurity Isn't a Button You Push

'Plague' malware exploits Pluggable Authentication Module to breach Linux systems

Aug 7, 2025 By Malware Research Team In CyberArk

‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional antivirus solutions for over a year. Its primary mechanism involves operating as a malicious PAM, allowing attackers to silently bypass system authentication and establish persistent SSH access to compromised Linux systems.

Read Post

CyberArk

Read more about 'Plague' malware exploits Pluggable Authentication Module to breach Linux systems

UK Ransomware Payment Ban Implications

Aug 7, 2025 By Donna Stobart-Hook In JUMPSEC

The UK will ban public bodies from paying ransoms and introduce new reporting rules for ransomware incidents. Public sector organisations must prepare to recover without paying. Private firms must notify the government if they plan to pay. Attackers may shift focus to private targets and use data leaks over encryption. Organisations need better visibility, response readiness, and tested recovery plans. Payment is no longer a fallback.

Read Post

JUMPSEC

Read more about UK Ransomware Payment Ban Implications

What Akira Ransomware Gang Taught This Company

Aug 6, 2025 By Adam Winston In WatchGuard

What is ransomware? Ransomware is a form of malicious software that encrypts an organization’s files or systems, effectively locking users out until a ransom is paid, usually in cryptocurrency. But in 2025, ransomware is more than just malware. It’s a multi-billion-dollar criminal business. So far this year, 4,441 organizations have been publicly listed as ransomware victims.

Read Post

WatchGuard

Read more about What Akira Ransomware Gang Taught This Company

Why Cybersecurity Leaders Need an MBA Mindset

Aug 6, 2025 By Rubrik In Rubrik

Cyber pros who ignore business strategy are hitting a ceiling. Cyber threat intelligence expert Dustin Droullard explains why understanding operations, policy, and value alignment is the missing link for future cybersecurity leaders. If you want a seat at the table, learn how the business runs.

View Video

Rubrik

Read more about Why Cybersecurity Leaders Need an MBA Mindset

Inside Silver Fox's Den: Trustwave SpiderLabs Unmasks a Global Threat Actor

Aug 5, 2025 By Trustwave In Trustwave

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups currently operating globally. The Silver Fox threat actor group, also associated with attacks attributed to Void Arachne and Great Thief of the Valley, is a relatively new, most likely China-based threat group that has emerged as a significant player in advanced persistent threat (APT) campaigns.

Read Post

Trustwave

Read more about Inside Silver Fox's Den: Trustwave SpiderLabs Unmasks a Global Threat Actor

Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know

Aug 5, 2025 By Emma Stevens In BitSight

A newly surfaced set of vulnerabilities in the SonicWall SMA100 series appliances has captured the attention of cybersecurity professionals. While SonicWall has released patches for CVE-2025-40596 through CVE-2025-40599, and media reports point to a surge in Akira ransomware attacks targeting SonicWall SSL VPN infrastructure, CISA has not formally confirmed exploitation of these specific vulnerabilities by Akira at this time.

Read Post

BitSight

Read more about Akira Ransomware Exploits SonicWall SMA100 Vulnerabilities: What You Need to Know

Turning Data Disaster into Strategy: Lessons to Learn from Malware Attacks

Aug 5, 2025 By Wojciech Andryszek In GitProtect

Malware, as one of many cyber threats, is not some random annoyance. Yet, there is nothing polite about it. It bypasses your firewall and establishes itself in your system. Then, escalated privileges are granted, and processes are killed. If you are particularly unlucky, malware encrypts your core and sticks around like a parasite in the CI/CD. So, it’s not about chaos but orchestration. That means you’re forgetting about something.

Read Post