As Aviation, Maritime, Rail and Road transport organisations are reportedly experiencing increased levels of ransomware activity across Europe as per ENISA’s recent report, JUMPSEC analysts have combined the findings with JUMPSEC’s attacker reported data scraped from a variety of sources (including the dark web) providing further context to the risks currently posed to European transport organisations.

The Splunk Threat Research Team (STRT) continues to analyze and produce content related to the ongoing geopolitical conflict in eastern Europe where new variances of destructive payloads are being released, targeting government and civilian infrastructure. The sole purpose of these destructive payloads is to decimate infrastructure; there is no ransom or alternative presented, and they need to be addressed as soon as they are detected.

Ransomware has become a significant threat in today’s digital landscape, with cybercriminals using it as an effective means of making money, often with a low cost and high profit margin. Victims rarely recover their stolen data in full, despite promises from the perpetrators, so most of the time paying the ransom is not a viable solution.

Rubrik Zero Labs is excited to debut its second State of Data Security report: “The State of Data Security: The Hard Truths.” This in-depth global study is the first public use of Rubrik telemetry data to provide objective data security insights. Rubrik data is complemented by an extensive third-party study conducted by Wakefield Research, which provides a deeper look into the challenges IT and security decision-makers face, the impacts of these challenges, and possible solutions.

Understanding ransomware attacks is the first step in being able to prevent them from successfully targeting an organization. To prevent ransomware attacks, organizations must have strong security protocols in place such as performing regular system backups and training employees to avoid social engineering scams, among other measures. Continue reading to learn more about ransomware attacks and what organizations can do to stay protected against this type of attack.

A new malicious package has been detected on the Node Package Manager (npm) repository that poses a significant threat to users who may unknowingly install it. Named ‘Vibranced,’ the package has been carefully crafted to mimic the popular ‘colors’ package, which has over 20 million weekly downloads.

Adversaries use multiple techniques to identify and exploit weaknesses in Active Directory (AD) to gain access to critical systems and data. This blog post explores 3 ways they use PowerShell PowerSploit to elevate or abuse permissions, and offers effective strategies for protecting against them.

We live in a digital age, where new technologies are emerging daily, and old technologies are evolving and merging into new ones so fast that one could quickly lose track. All of this new technology is for the betterment and ease of life and to ensure that humanity lives a peaceful, stress-free and non-redundant life.

Cyber threat actors are becoming more and more efficient. They are targeting software and applications that are used by organizations globally. One recent example of this is the ESXIargs mass ransomware campaign which targeted a zero-day vulnerability in ESXi. So far this year, it has been reported that over 3,000 ESXi servers and countless virtual machines globally have been impacted by this campaign in the last two months.

The Windows kernel driver is an interesting space that falls between persistence and privilege escalation. The origins of a vulnerable driver being used to elevate privileges may have begun in the gaming community as a way to hack or cheat in games, but also has potential beginnings with Stuxnet.