Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2025

Modern Tech Old Systems on the Cloud! #shorts #datasecuritydecoded #cybersecurity #podcast

Jan 24, 2025 By Rubrik In Rubrik
"If you don’t know what you have, you can’t secure it. And putting a 30-year-old system on the cloud doesn’t make it modern.” – Kris Lovejoy Cybersecurity starts with the basics: inventory and upgrades. Want to future-proof your business? Catch Kris’s insights on now.
View Video
foresiet

Inside FunkSec: An Exclusive Interview with a Ransomware Architect

Jan 23, 2025 By Foresiet In Foresiet
Summary FunkSec is a new ransomware group that came into the spotlight after attacking many sectors around the world. The group runs a data leak site on Tor. Funksec employees conduct double extortion attacks, which means hackers encrypt and exfiltrate data from the victim to extort them for paying ransom to the attackers.
Read Post
netskope

Lumma Stealer: Fake CAPTCHAs & New Techniques to Evade Detection

Jan 23, 2025 By Leandro Fróes In Netskope
In January, Netskope Threat Labs observed a new malware campaign using fake CAPTCHAs to deliver Lumma Stealer. Lumma is a malware that works in the malware-as-a-service (MaaS) model and has existed since at least 2022. The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world.
Read Post

Global Cybersecurity Needs Global Standards #shorts #podcast #datasecuritydecoded #cybersecurity

Jan 23, 2025 By Rubrik In Rubrik
"I’m pro-regulation, but the lack of international standards makes compliance a huge challenge.” - Kris Lovejoy Cybersecurity today isn’t just about protection but navigating a fragmented regulatory landscape. Kris explains why standardization is key to resilience. Catch her insights on! Key Points: Why regulations matter Challenges of global compliance Building resilience across borders.
View Video
Trustwave

Trustwave SpiderLabs: The Ransomware Trends Confronting the Energy and Utilities Sector

Jan 23, 2025 By Trustwave In Trustwave
Increasing frequency, new threat groups emerging, the rise of ransomware-as-a-service (RaaS) attack model, and third-party attacks are just a few of the dangerous trends Trustwave SpiderLabs details in Energy and Utilities Sector Deep Dive: Ransomware Trends. This report supplements the just released 2025 Trustwave Risk Radar Report: Energy and Utilities Sector. This broader and more comprehensive report analyzes the energy and utilities sector’s major threats and trends.
Read Post
knowbe4

Malvertising Campaign Abuses Google Ads to Target Advertisers

Jan 22, 2025 By Stu Sjouwerman In KnowBe4
Researchers at Malwarebytes are tracking a major malvertising campaign that’s abusing Google Ads to target individuals and businesses interested in advertising. The threat actors are using compromised Google Ads accounts to run ads that impersonate Google, leading victims to a fake Google login page designed to steal their credentials.
Read Post
CrowdStrike

CrowdStrike Researchers Explore Contrastive Learning to Enhance Detection Against Emerging Malware Threats

Jan 22, 2025 By JP Clark In CrowdStrike
The process of crafting new malware detection features is usually time-consuming and requires extensive domain knowledge outside the expertise of many machine learning practitioners. These factors make it especially difficult to keep up with a constantly evolving threat landscape. To mitigate these challenges, the CrowdStrike Data Science team explored the use of deep learning to automatically generate features for novel malware families.
Read Post
LimaCharlie

Introducing CelesTLSH: Advanced Malware Detection with Fuzzy Hashing

Jan 22, 2025 By David Burkett In LimaCharlie
We are excited to announce the integration of the CelesTLSH Malware Scanner into the LimaCharlie ecosystem. Developed by Magonia Research, CelesTLSH enhances your security operations by scanning files collected via the BinLib extension. It identifies known malware and threat actor tools through advanced fuzzy hashing techniques.
Read Post
Trustwave

The New Face of Ransomware: Key Players and Emerging Tactics of 2024

Jan 21, 2025 By Serhii Melnyk In Trustwave
As we step into 2025, the high-impact, financially motivated ransomware landscape continues to evolve, shaped by a combination of law enforcement actions, shifting affiliate dynamics, advancements in defensive approaches, and broader economic and geopolitical influences. While 2024 also saw the continued use of ransomware for non-financial gain purposes, such as drawing attention away from other activities – financial motives remained at the forefront of the overall ransomware landscape.
Read Post
foresiet

Cl0p Ransomware's Reign of Cyber Extortion: Analyzing the Recent Cleo Software Exploits

Jan 20, 2025 By Foresiet In Foresiet
In the context of ongoing cyber risk assessment , ransomware is one of the most commercial and destructive forms of cybercrime. Amidst the ocean of crime groups within cyberspace, the Cl0p ransomware syndicate is one of the more refined and persistent threats. This group of cyber-thieves has made notorious headlines with aggressive forms of extortion and campaigns.
Read Post

Regulatory Readiness & Resilience with Kris Lovejoy, Global Security Leader at Kyndryl

Jan 20, 2025 By Rubrik In Rubrik
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.
View Video
foresiet

The Anatomy of Akira Ransomware: Is Your Organization Safe? Learn Threats, Exploits, and Safeguards

Jan 17, 2025 By Foresiet In Foresiet
Akira ransomware is a destructive malware that has ravaged industries since its discovery in March 2023. The operations have mostly targeted businesses in North America, the UK, and Australia. Akira ransomware’s darkweb site Akira employs a double-extortion tactic; it does not only encrypt the victim's data but also exfiltrates the data, and subsequently threatens to leak it on the internet unless the ransom demand is met.
Read Post
knowbe4

Ransomware Gangs Claimed More Than 5,000 Attacks in 2024

Jan 17, 2025 By Stu Sjouwerman In KnowBe4
Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest Ransomware Roundup report. The average ransom demand was more than $3.5 million, and the average ransom paid was $9.5 million. Many of these attacks involved data theft extortion, leading to the breach of nearly 200 million records.
Read Post
11:11 systems

Insights from the Codefinger Ransomware Attack: A Wake-Up Call for IT Leaders

Jan 16, 2025 By Scott Gray In 11:11 Systems
The recent Codefinger ransomware attack has sent shockwaves through the IT community, specifically targeting businesses relying on AWS S3 storage services. This breach highlights the importance of prioritizing security “best practices” to protect even the most reliable platforms.
Read Post
cyberint

FSOCIETY & FUNKSEC Collaborate On Future Attacks

Jan 16, 2025 By Adi Bleih In Cyberint
On January 15th, the FSOCIETY ransomware group published on their official DLS (data leak site) that they have begun a partnership with the rising Funksec group. The FunkSec ransomware group first emerged publicly in late 2024 and rapidly gained prominence by publishing over 85 claimed victims—more than any other ransomware group in the month of December.
Read Post
Trustwave

The Database Slayer: Deep Dive and Simulation of the Xbash Malware

Jan 14, 2025 By Karl Biron In Trustwave
In the world of malware, common ransomware schemes aim to take the data within databases (considered the "gold" in the vault of any organization) and hold them hostage, promising data recovery upon ransom payment. Typically, most of these schemes follow an expected script: encrypting files, requesting payment, and then delivering a decryption key. This model, while damaging, generally allows victims to recover if they pay the ransom.
Read Post

Data Security's Low Hanging Fruit: Redundant, Obsolete, and Trivial Data

Jan 14, 2025 By Rubrik In Rubrik
In this episode of Into the Breach, James Purvis and Drew Russell tackle the growing issue of ROT data - redundant, obsolete, and trivial data - and its impact on both security and costs. They discuss how CISOs can achieve a win-win by reducing risk and hard costs through effective data management. From cloud migration to legal implications, they explore practical strategies to identify, manage, and eliminate ROT data for a more efficient and secure organization.
View Video

Why You Can't 'Opt Out' of Cyber Policy #shorts #datasecuritydecoded #podcast

Jan 14, 2025 By Rubrik In Rubrik
Public Policy Moves Forward With or Without You Waiting for your preferred party to take power before engaging in cyber policy isn't just ineffective – it's a missed opportunity to shape critical decisions that affect everyone. Public policy continues to evolve regardless of who holds office, and the cybersecurity landscape waits for no one.
View Video
senseon

Fake CAPTCHAs, Real Threats: How Lumma Stealer Tricks Users into Self-Inflicted Malware

Jan 14, 2025 By Sam Stoneley In SenseOn
SenseOn has detected a large increase in the Lumma Stealer malware targeting customers over the past few months. Unlike traditional malware strains, Lumma Stealer has been leveraging a unique, and increasingly effective, access vector of fake CAPTCHA verification prompts. These deceptive prompts trick users into running malicious commands on their device eventually injecting malicious processes into legitimate programs. This attack vector is expected to become even more prevalent throughout 2025.
Read Post
Arctic Wolf

Ransomware Campaign Encrypting Amazon S3 Buckets using SSE-C

Jan 14, 2025 By Julian Tuin In Arctic Wolf
On January 13, 2025, Halcyon released a research blog about the Codefinger group conducting a ransomware campaign targeting Amazon S3 buckets. The attacks leverage AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt data. The threat actors then demand ransom payments for the symmetric AES-256 keys required to decrypt it.
Read Post
cyberint

Ransomware Annual Report 2024

Jan 13, 2025 By Adi Bleih In Cyberint
In 2024, the ransomware landscape recorded 5,414 published attacks on organizations worldwide, representing an 11% increase compared to 2023. While the year began with a decline in ransomware activity during Q1, the frequency of attacks surged in Q2 and continued to rise through the remainder of the year. This culminated in a dramatic spike during Q4, which saw 1,827 incidents—33% of all ransomware attacks for the year—making it the most active quarter.
Read Post

Bridging Cyber Policy Gaps for Rural and Underserved Communities with Nicole Tisdale

Jan 10, 2025 By Rubrik In Rubrik
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.
View Video

The REAL Impact of Hospital Cyberattacks, It's More Than Just 'Rescheduling #shorts #cybersecurity

Jan 10, 2025 By Rubrik In Rubrik
When hospitals say "procedures were rescheduled" after a cyberattack, they're missing the human cost. For many patients, a medical appointment isn't just a calendar entry – it's arranged time off work, transportation plans, aftercare support, and lost wages. These disruptions hurt vulnerable communities the most and damage the essential trust between healthcare providers and their patients.
View Video
foresiet

The Dark Playbook: Cyber Threats, IntelBroker Exploits, Supply Chain Attacks, and Infostealers

Jan 10, 2025 By Foresiet In Foresiet
Advanced cyberattacks by adversaries who maximize the impact using the combination of sophisticated tools and methods are the norm. Some of the most dangerous strategies are integrating supply chain attacks, infostealer malware, and infamous threat actors, including IntelBroker and CyberNiggers. The above-mentioned groups typify the growing landscape of the cyber threat that makes use of collaboration, sophisticated tools, and strategic exploitation of vulnerabilities.
Read Post
tripwire

Space Bears Ransomware: What You Need To Know

Jan 9, 2025 By Graham Cluley In Tripwire
Space Bear is a relatively new ransomware group that first appeared on the radar in April 2024. The gang, which is aligned to the Phobos ransomware-as-a-service group, steals sensitive data from organisations, encrypts victims' computer systems, and demands that a ransom be paid for a decryption key or the data will be published on the dark web.
Read Post
cato networks

Under Siege: Ransomware and Healthcare

Jan 8, 2025 By Christopher Rudolph In Cato Networks
It’s becoming all too common these days: ransomware hitting another organization. However, most people don’t know exactly what happens when ransomware is found and what must be addressed. What makes it even more challenging for healthcare is that the data that can be stolen, like personal health information, is much more valuable than credit card numbers.
Read Post
cyjax

The Great Morpheus: New Extortion Group DLS Emerges

Jan 8, 2025 By Roman Faithfull In CYJAX
As 2025 progresses into its second week, it has not taken long for a new data-leak site (DLS) for an extortion group to emerge. December 2024 saw the emergence of LeakedData, FunkSec, and Bluebox. This week, the new group goes by the name Morpheus. Read on to find out what Cyjax knows about this new entrant into the extortion scene so far.
Read Post
cyberark

CIO POV: Ransomware and Resilience-2024's Biggest Cyber Stories

Jan 8, 2025 By Omer Grossman In CyberArk
Let’s begin 2025 with an understatement about last year: 2024 was an eventful year for cybersecurity. That in itself is no surprise. The specifics, though, looked like this: AI use accelerated (for good and for bad), ransomware surged and relentless attacks on third parties shifted focus to cyber resilience.
Read Post
acronis

How to scan for malware?

Jan 7, 2025 By Acronis In Acronis
Imagine this: It's a typical Wednesday evening. You're scrolling through your photos, reminiscing about a recent vacation. Suddenly, your screen freezes. A message appears: “Your files are encrypted. Pay $5,000 in Bitcoin or lose everything forever.” This isn't a scene from a cyber thriller. It's the terrifying reality thousands of people face every single day.
Read Post

Perimeter Security vs Cyber Resilience: CSPM vs DSPM

Jan 6, 2025 By Rubrik In Rubrik
In this episode of Into the Breach, James Purvis is joined by Noam Perel to explore the key differences between CSPM (Cloud Security Posture Management) and DSPM (Data Security Posture Management). They dive into how these tools address different problems, their unique approaches to security, and why organizations benefit from leveraging both. Discover how DSPM’s data-centric approach complements CSPM’s infrastructure focus, the distinct personas driving each, and how together they provide a stronger, more resilient security posture.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.