Cl0p Ransomware, aka Cl0p, is a ransomware group that emerged in February 2019 and targeted most industries worldwide, including retail, transportation, education, manufacturing, automotive, energy, financial, telecommunications and even healthcare. The clop ransomware group is thought to be a successor of the CryptoMix ransomware group.

On October 14th, prior to the data leak on December 16th, a threat actor known as IntelBroker announced on BreachForums that he was offering a Cisco breach for sale. As is typical for his operations, he provided samples and credited another well-known collaborator, EnergyWeaponUser. The price for the breach was not specified and was to be negotiated privately, with payments accepted exclusively in XMR cryptocurrency.

As we get to the end of 2024, we thought we’d look at all the significant updates Cyberint (now known as Check Point Infinity External Risk Management) has introduced over the year. These new features are designed to help you better manage your cyber risks and improve your overall security posture.

Employees often need to access various online services for work and personal purposes. Whether signing up for industry newsletters, registering for webinars, or using online tools, a corporate email address is a convenient way to manage professional communication. However, this seemingly harmless habit can expose employees and their organizations to significant risks.

Instagram became massively popular by making it simple for anyone to share photos and videos. But from the perspective of cybersecurity and brand protection, there’s a downside to the ease with which anyone can create an Instagram account and begin sharing content: The risk of Instagram impersonation. Instagram impersonation occurs when a malicious user creates an Instagram account that pretends to be owned by or associated with another entity.

As a Group Leader in the R&D team at Cyberint before the acquisition, we worked tirelessly to push the boundaries. Whether it was outpacing the competition with cutting-edge technology, delivering exceptional UI/UX, or ensuring our customers were satisfied with the precision and impact of our findings, we did it with a team that was small but mighty.

Organizations are overwhelmed by the sheer volume of vulnerabilities detected across their digital assets. Teams risk wasting time on low-impact issues while missing critical vulnerabilities that attackers could exploit. This inefficiency increases exposure to breaches and prolongs Mean Time to Resolution (MTTR). The diagram below shows the number of new vulnerabilities detected per quarter, from the year 2000 to Q1 2024, and the trend is not hard to see.

In recent years, “Pig Butchering” scams have rapidly emerged as a significant global threat, primarily targeting individuals with fraudulent investment schemes. This type of scam, originally known for its roots in China, has transformed into a global phenomenon, where victims are led to believe they are making lucrative investments, often in cryptocurrency.

The United States, is a prime target for cyber attacks. The U.S. retail sector, which holds nearly one-third of the global market share, has seen a significant rise in ransomware incidents, accounting for 45% of global retail ransomware cases in the past three quarters—a 9% increase from 2023. New groups like Ransomhub and Hunters have emerged and supply chain threats have increased. Social engineering tactics are on the rise, with attackers impersonating IT personnel.

In this blog we will cover what we know about the Finastra breach, what we know about who might have been compromised and an analysis of the validity of the Threat Actor abyss0.