VanHelsing Ransomware: What You Need To Know
First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation.
The EU AI Act: Key deadlines, risk levels, and steps to prepare
The EU AI Act is one of the world’s first comprehensive regulations aimed at AI-based systems. While we had voluntary standards like ISO 42001, the Act introduced mandatory requirements that in-scope organizations must meet to avoid considerable fines and operational disruptions. If you develop, use, or distribute AI systems, you may have to meet the obligations prescribed by this directive. Our EU AI Act summary will help you do so by covering:
ARaaStocracy - RALord ransomware emerges with new DLS
The latest data leaks site (DLS) CYJAX has identified is titled RALord, which constitutes one of 14 new DLSs identified in March 2025 alone. This Ransomware-as-a-Service (RaaS) group appears to be sophisticated and professional, providing services including affiliates, data ransoms, and dark web advertisements. It has been reported that the group is active on at least one cybercriminal forum under the username ‘ForLord’.
Policy Implications from the Rise of State-Sponsored Crypto Crime
Supporting Japan FinTech Week has become a Fireblocks tradition. This March, we, as many in the ecosystem, chose to re-contextualize planned contributions and engagements as the week-long Tokyo event was the first significant global gathering of both regulators and industry after the Bybit hack.
The Crucial Role Trustwave Red Team Exercises Play in Enhancing Cybersecurity
The best way to gauge the current state of an organization’s security posture is often with a blunt lesson, and a Red Team exercise might be the bluntest way to rip off the band-aid to see what security problems exist. That concept is the genesis behind the Trustwave SpiderLabs report Healthcare Sector Deep Dive: Unmasking Security Gaps.
Backup: Why it's important to stay up to date with your data
Today, data is one of organizations' most valuable and vulnerable assets. Effective backups are essential for operational continuity and cybersecurity. With 80% of businesses exposed to ransomware attacks, this World Backup Day emphasizes the need to regularly back up critical systems to minimize downtime and ensure quick recovery from incidents. However, many organizations still face challenges with backup and restoration processes.
Caught in the CAPTCHAct: The Technical Tale of Lumma Stealer
Following on from our recent blog post, Fake CAPTCHAs, Real Threats: How Lumma Stealer Tricks Users into Self-Inflicted Malware, SenseOn has performed an in-depth analysis into recent Lumma Stealer campaigns targeting a range of our customers.
World Backup Day : Backup Your Data Before It's Too Late!
Imagine waking up one day to find all your business files, customer records, or personal memories gone—forever. No warning, no way to recover them. Scary, right? That’s why World Backup Day exists. It’s a reminder to businesses and individuals to protect their critical files before disaster strikes. On March 31st, take the time to back up your data and ensure your information is secure—because losing data is no joke.
Enhancing Kubernetes Security: Strategies for Effective Secrets Management
Kubernetes powers modern application deployments, yet safeguarding its secrets remains a formidable challenge. In a 2024 report, IBM estimated that 16% of data breaches stemmed from compromised credentials, resulting in significant financial losses. The recent attack involving a stolen API key at the U.S. Treasury Department highlights the vulnerability of even well-protected systems.
Civilian Cyber Corps: Protecting Underfunded Organizations
Welcome to the Data Security Decoded podcast by Rubrik Zero Labs. In this episode, our host, Caleb Tolin, is joined by Michael Razeeq, a cybersecurity policy researcher specializing in advocating for Civilian Cyber Corps (C3s). Michael shares insights into how these volunteer forces, C3s, are transforming community cyber defense, addressing workforce shortages, and providing both preventive and reactive cybersecurity services to underfunded organizations.