Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they can use employee accounts without raising suspicion.

SenseOn is delighted to have achieved over 98.7% detection rate in the Malware Protection Test and 0 false positive alerts in the Real-World Protection Test, reveals the latest AV-Comparatives Business Security Report. Such a high protection rate can help provide security professionals with reassurance and peace of mind in their endpoint protection capabilities, and help to reduce their organisation’s risk exposure, optimise their internal resources and enhance their incident response playbooks.

Enterprises today generate and store colossal volumes of data in Azure Blob Storage and Data Lake Gen 2, leveraging these services for cloud-native workloads, archives, and artificial intelligence (AI) training models. However, with the deluge of information comes the amplified risk of exposure to security blind spots and the potential compromise of sensitive, mission-critical data.

The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use Facebook for malicious activity has uncovered a new version of the SYS01 stealer. This stealer is designed to take over Facebook accounts, steal credential information from affected users' browsers, and then leverage legitimate accounts to further the spread of the malware.

Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. It operates a ransomware-as-a-service (RaaS) operation, meaning that a central core of the group creates and maintains the ransomware code and infrastructure, and rents it out to other cybercriminals who act as affiliates.

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over several million in 2023. Marsh, a leader in cybersecurity insurance, wrote that its customers paid an average of $6.5 million in ransom in 2023 (after just paying an average of $1.4 million in 2023).

The Sysdig Threat Research Team (TRT) continued observation of the SSH-Snake threat actor we first identified in February 2024. New discoveries showed that the threat actor behind the initial attack expanded its operations greatly, justifying an identifier to further track and report on the actor and campaigns: CRYSTALRAY. This actor previously leveraged the SSH-Snake open source software (OSS) penetration testing tool during a campaign exploiting Confluence vulnerabilities.

Russian state-sponsored media organization RT has been using AI-powered software to generate realistic social media personas and spread disinformation for the past two years. This sophisticated tool, known as Meliorator, has been employed to target multiple countries, including the US, Poland, Germany, the Netherlands, Spain, Ukraine, and Israel. Meliorator's Capabilities.

Over the last five to ten years cybersecurity has become a boardroom subject in the majority of enterprises. This would have never happened without ransomware. Ransomware has been the best board-level awareness tool ever.