Grab a cup of coffee, and let's talk about something that's been making waves in the cybersecurity world: ransomware. You've probably heard about the alarming rise in ransom payments, but did you know that ransom monetization rates have actually fallen to a record low? It's a complex and evolving landscape, and we're here to break down the recent very interesting Coveware report for you.

Social platforms are the current favorite target of cybercriminals, displacing financial institutions, providing cybercriminals with credentials to be used as launch points for further phishing campaigns. Most cyber attacks we read about seem to involve an organization that was attacked because it was perceived to have a lot of money that could be parted with via ransomware, extortion, digital fraud, etc.

New analysis of the second quarter of this year makes it clear that individuals and organizations alike are at an increasing risk of web- and email-based scams.

According to a new report, cybercriminals are making full use of AI to create more convincing phishing emails, generating malware, and more to increase the chances of ransomware attack success. I remember when the news of ChatGPT hit social media – it was everywhere. And, quickly, there were incredible amounts of content providing insight into how to make use of the AI tool to make money.

New reports show many LinkedIn users have reported complaints about accounts being taken over by bad actors. In a statement from Cyberint researcher Coral Tayar, "Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts," The reported complaints are on other social media forum platforms such as Reddit, Microsoft, and X with several users expressing frustration due to the lack of response from their support team.

The Knight ransomware-as-a-service offering (formerly known as “Cyclops”) is using phony TripAdvisor complaints to deliver its malware, BleepingComputer reports. “A newer version of this campaign spotted and analyzed by BleepingComputer now includes an HTML attachment named 'TripAdvisor-Complaint-.PDF.htm,’” BleepingComputer says.

For the fourth consecutive year, we received a Tech Cares Award from TrustRadius! This fourth annual award celebrates companies that have gone above and beyond to provide strong Corporate Social Responsibility (CSR).

We previously reported independently on PDF-based phishing attacks skyrocketing and the rise of SEO attacks. A recent research study found that the combination of both is quite common. Most worryingly, PDF-based SEO attacks are poorly detected by common defense mechanisms such as blocklists, ad blockers or even crowdsourced antivirus services VirusTotal. PDF-based attacks can be anything from a website embedded in a PDF file to an email.

TL;DR - The future of finance is intertwined with artificial intelligence (AI), and according to SEC Chair Gary Gensler, it's not all positive. In fact, Gensler warns in a 2020 paper —when he was still at MIT—that AI could be at the heart of the next financial crisis, and regulators might be powerless to prevent it. AI's Black Box Dilemma: AI-powered "black box" trading algorithms are a significant concern.

Law firms are being targeted by a large number of social engineering attacks involving the Gootloader malware delivery tool, according to researchers at Trustwave. “Recently, we’ve seen a noticeable surge in malware cases linked to a malicious payload delivery system known as Gootloader,” the researchers write. “The group behind this malware is believed to operate a malware-as-a-service operation, exclusively providing a malware delivery service for other threat actors.