Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in 2023, the mean cost of recovery for these entities has more than doubled to $2.83 million. Seventy-two percent of ransom demands made to state and local government organizations in 2024 were for $1 million or more, with 37% of demands for $5 million or more.

Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident within its internal cloud-based environment, leading to the deployment of Mallox ransomware by threat actors to its server. A misconfiguration allowed unauthorized individuals to bypass security restrictions. This blog details the initial access method, the tools used to execute their operations, and an analysis of the Mallox ransomware.

Cyber insurance has a strange past: AIG first took cyber insurance to market in 1997 despite a total lack of actuarial data to inform premiums or policies. Essentially, the industry ran on guesswork. Even today, the cyber insurance market is remarkably unpredictable compared to long-established insurance policies such as those for housing or health.

To further raise awareness on threat actor activity in the dark web and hacking communities, today we are introducing the Cato CTRL Threat Actor Profile. This will be a blog series that profiles various threat actors and documents notable activity that we are observing. Our inaugural Cato CTRL Threat Actor Profile is on Yashechka.

You can mitigate the risk of ransomware attacks by regularly backing up your data, updating your device with the latest software, implementing least-privilege access, using a business password manager and educating employees about security awareness, among other things. Ransomware attacks occur when organizations are prevented from accessing files and data until they’ve paid a ransom to the cybercriminal who infected their devices with malware.

A new strain of Android malware has emerged, targeting victims' card details and utilizing near-field communication (NFC) technology to facilitate unauthorized ATM withdrawals. This sophisticated crimeware, active since March 2024, has already impacted customers of three major Czech banks.

When it comes to cybersecurity, ransomware is probably one of the first threats you think of. It seems like it’s everywhere — and it is. Ransomware is one of the most notorious cyber threats affecting individuals, businesses, and organizations globally. The frequency and impact of these attacks have surged in recent years, making it crucial to understand their nature and how to protect against them.

In today's data-driven world, protecting critical business information is paramount. We're excited to announce that Rubrik support for Oracle Databases on Windows is now available. This added support enables customers to bring Rubrik Security Cloud to even more of their mission-critical Oracle environments, providing a comprehensive, efficient, and reliable data protection solution for enterprises of all sizes.

Read also: a Russian ransomware actor was extradited to the US, Germany cracks down on illegal crypto ATMs, and more.

New tools appear in ongoing social engineering campaign, Mad Liberator ransomware targets AnyDesk users, and Bitdefender explores the evolving cybercriminal underground.