%term

New WatchGuard Threat Lab Report Discovers 94% Increase in Network Malware as Cybercriminals Exploit Advanced, Encrypted Connections

Apr 10, 2025 By WatchGuard In WatchGuard

Other key findings show an increase in crypto miner detections, a spike in zero-day malware, a drop in endpoint malware, a rise in Linux-based threats, and more.

Read Post

WatchGuard

Read more about New WatchGuard Threat Lab Report Discovers 94% Increase in Network Malware as Cybercriminals Exploit Advanced, Encrypted Connections

Chinese APT Exploits Ivanti CVE-2025-22457 with Malware

Apr 10, 2025 By Foresiet In Foresiet

A newly disclosed vulnerability in Ivanti Connect Secure (ICS) VPN appliances has been weaponized in the wild by a Chinese nation-state threat actor, UNC5221. Tracked as CVE-2025-22457, this critical stack-based buffer overflow vulnerability allows unauthenticated remote attackers to execute arbitrary code, posing a significant risk to enterprise networks.

Read Post

Foresiet

Read more about Chinese APT Exploits Ivanti CVE-2025-22457 with Malware

64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Apr 10, 2025 By Stu Sjouwerman In KnowBe4

Illumio’s recent Global Cost of Ransomware Study found that 64% of Australian companies hit by ransomware had to shut down operations as a result. Additionally, 43% of these organizations reported a significant loss of revenue, and 39% lost customers as a result of an attack. Most respondents indicated that reputational damage has overtaken regulatory fees as the most costly effect of a ransomware attack.

Read Post

KnowBe4

Read more about 64% of Australian Organizations Hit by Ransomware Were Forced to Halt Operations

Tycoon2FA New Evasion Technique for 2025

Apr 10, 2025 By Phil Hay, Rodel Mendrez In Trustwave

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection. This blog takes a closer look at these methods to better understand how this kit is evolving and what defenders should be aware of.

Read Post

Trustwave

Read more about Tycoon2FA New Evasion Technique for 2025

Prevention isn't enough!

Apr 10, 2025 By Rubrik In Rubrik

Attackers just need to succeed once to get your data. As defenders, we need to get it right 100% of the time. That’s why prevention is no longer enough. Let’s build a proactive strategy for securing your data wherever it lives! Subscribe to our channel to learn more about how Rubrik can help.

View Video

Rubrik

Read more about Prevention isn't enough!

Healthcare's Biggest Cyber Weakness Isn't What You Think

Apr 10, 2025 By Rubrik In Rubrik

Cybersecurity expert Pavlina Pavlova reveals that healthcare breaches aren't happening because of sophisticated attacks, but due to basic security failures like missing multi-factor authentication, delayed patching, and phishing vulnerabilities.

View Video

Rubrik

Read more about Healthcare's Biggest Cyber Weakness Isn't What You Think

OCULAR SPIDER and the Rise of Ransomware-as-a-Service

Apr 10, 2025 By CrowdStrike In CrowdStrike

Ransomware has become more difficult for organizations to defend against, but easier for adversaries to deploy. The rise of ransomware-as-a-service (RaaS) — a model in which ransomware operators write the malware and affiliates pay to launch it — has lowered the barrier to entry so threat actors of all skill levels can participate and profit.

View Video

CrowdStrike

Read more about OCULAR SPIDER and the Rise of Ransomware-as-a-Service

Diskless Infostealer, Next-generation Delivery?

Apr 9, 2025 By Aaron Hau In ThreatSpike

In a recent social-engineering attack targeting the hospitality sector observed by the ThreatSpike team, there appears to be a change in the tactics employed by the threat actor. The hospitality sector, where top-notch customer-service is expected, customer-facing employees are often lucrative targets for phishing, as detailed in our previous blog post.

Read Post

ThreatSpike

Read more about Diskless Infostealer, Next-generation Delivery?

Resurgent North Korean Malware Campaign in npm

Apr 9, 2025 By Veracode Threat Research In Veracode

Hello from the Veracode Research blog! It’s been a minute since we’ve done a malware write-up, but we’re back and ready for action! And speaking of folks who are back and ready for action, the North Korean attackers behind the crypto wallet stealer campaign we wrote about in February of 2024 and again in May of 2024 are back at it with a new batch of malicious npm packages.

Read Post

Veracode

Read more about Resurgent North Korean Malware Campaign in npm

The Cost of Ransomware: Shutdowns & Extortion

Apr 9, 2025 By Josh Breaker-Rolfe In Tripwire

Ransomware is no longer in its heyday. Evolving, AI-driven cybersecurity tools and global law enforcement efforts have seen to that. But that doesn’t mean ransomware is no longer a threat. In fact, in some ways, the danger is greater than ever. While ransomware attacks are less common than they used to be, the consequences of those that succeed are more severe. Earlier this year, the Ponemon Institute published a study revealing massive changes in the ransomware landscape.

Read Post