Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Ransomware & Extortionware in 2024: Stats & Trends

Jan 11, 2024 By Chrissy Kidd In Splunk
In the underground cybercrime circles of the Dark Web, ransomware attacks are a particularly lucrative enterprise. These attacks are on the rise. And they’re disrupting the stalwart IT industry. The average cost of a ransom attack in 2023 was $1.54 million, almost double the previous year’s average. And research we gathered for The CISO Report show that 83% of organizations hit by a ransomware attack paid their attackers. Curious which industry is most likely to pay the ransom? Retail.
Read Post

How Generative AI Will Accelerate Cybersecurity with Sherrod DeGrippo

Jan 10, 2024 By Rubrik In Rubrik
In this episode of Cyber Security Decoded, host Steve Stone, Head of Rubrik Zero Labs, is joined by Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft to discuss the cyber threat landscape. In this episode, you'll hear insights on: Rubrik Zero Labs' “The State of Data Security: The Journey to Secure an Uncertain Future" report provides a timely view into the increasingly commonplace problem of cyber risks and the challenge to secure data across an organization’s expanding surface area.
View Video
bitsight

Data Insights on AgentTesla and OriginLogger Victims

Jan 9, 2024 By André Tavares In BitSight
AgentTesla is a Windows malware written in.NET, designed to steal sensitive information from the victim's system. It’s considered commodity malware given its accessibility and relatively low cost. Commodity malware poses a significant threat as it enables less sophisticated cybercriminals to conduct various types of cyberattacks without requiring extensive technical knowledge. AgentTesla has been a persistent and widespread threat since its emergence in 2014.
Read Post
knowbe4

FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

Jan 8, 2024 By Stu Sjouwerman In KnowBe4

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by one of the most prolific ransomware variants in the world. In an announcement made last month, the Justice Department made the world aware of the existence of a decryption tool to be used by those organizations hit by Blackcat – also known as ALPHV or Noberus.

Read Post
signmycode

Microsoft Turns Off a Significant Windows App Install Mechanism Known for Spreading Malware

Jan 5, 2024 By SignMyCode In SignMyCode

This mechanism is intended to simplify installing Windows apps after cybercriminals started using it to spread malware loaders that resulted in ransomware and backdoor outbreaks. The feature in question is called the ms-appinstaller consistent resource identifier plan, and its initial purpose was to make deploying Windows programs to devices simpler.

Read Post
alienvault

AsyncRAT loader: Obfuscation, DGAs, decoys and Govno

Jan 5, 2024 By Fernando Martinez In AT&T Cybersecurity

AT&T Alien Labs has identified a campaign to deliver AsyncRAT onto unsuspecting victim systems. During at least 11 months, this threat actor has been working on delivering the RAT through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is persistent in their intentions.

Read Post
knowbe4

Black Basta Ransomware Decryptor Released to Help Some Victims

Jan 5, 2024 By Stu Sjouwerman In KnowBe4

A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch. We’ve all heard – for as long as ransomware attacks have been happening, you either need to pay the ransom or recover from backups. But a third option has now sprouted up on GitHub.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.