%term

Ransomware Product Update 2025

Oct 9, 2025 By Rob Campbell In CYJAX

CYJAX has expanded its ransomware group coverage, giving clients broader visibility and faster intelligence on emerging threats. This blog highlights the surge in global ransomware attacks and explains how this product update enhances organisational resilience in an evolving threat landscape.

Read Post

CYJAX

Read more about Ransomware Product Update 2025

CTI roundup: DarkCloud, Trinity of Chaos, WARMCOOKIE

Oct 8, 2025 By Tanium In Tanium

DarkCloud malware targets sensitive data, a new cybercrime alliance targets major sectors, and WARMCOOKIE malware continues to evolve.

Read Post

Tanium

Read more about CTI roundup: DarkCloud, Trinity of Chaos, WARMCOOKIE

Advanced Banking Trojan Maverick Uses WhatsApp to Prey on Brazilian Users

Oct 7, 2025 By Joshua Green and Thomas Elkins In BlueVoyant

The BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers recently analyzed attacks of an adversary targeting users based in Brazil via WhatsApp. The attack lures users into downloading a zip archive. The zip archive contains a shortcut file (.lnk) which ultimately downloads and executes a banking trojan which BlueVoyant researchers have dubbed Maverick internally based off the naming convention used by the attackers.

Read Post

BlueVoyant

Read more about Advanced Banking Trojan Maverick Uses WhatsApp to Prey on Brazilian Users

CTI Roundup: SystemBC, ShinyHunters, AI-obfuscated Phishing

Oct 1, 2025 By Tanium In Tanium

This week, Tanium’s Cyber Threat Intelligence (CTI) team investigates SystemBC, a large-scale proxy botnet that’s leveraging compromised virtual private server (VPS) infrastructure to support cybercriminal operations, including ransomware and credential theft. Next, the team looks at ShinyHunters—a financially motivated data extortion group that’s now targeting enterprise cloud applications.

Read Post

Tanium

Read more about CTI Roundup: SystemBC, ShinyHunters, AI-obfuscated Phishing

SpiderLabs Ransomware Tracker Update September 2025: Qilin, Akira Top Ransomware Attackers

Sep 30, 2025 By Trustwave In Trustwave

The threat groups Qilin and Akira together conducted about one-quarter of the 402 ransomware attacks tracked by Trustwave SpiderLabs in September, with the manufacturing and technology sectors receiving the brunt of these efforts. This information was derived from a new SpiderLabs ransomware tracking tool that gathers information from a variety of open intelligence sources and our own proprietary research.

Read Post

Trustwave

Read more about SpiderLabs Ransomware Tracker Update September 2025: Qilin, Akira Top Ransomware Attackers

Hunting GTPDOOR: The case of the "Black Hat Positive"

Sep 29, 2025 By Ben Reardon In Corelight

Ben Reardon, Lead Researcher Corelight Labs / NOC crew I'm a researcher on the Labs team at Corelight and, for me, working in the Black Hat Network Operations Center (NOC) at the USA show in Las Vegas is up there as one of the most interesting and intense activities on the calendar.

Read Post

Corelight

Read more about Hunting GTPDOOR: The case of the "Black Hat Positive"

Rubrik Identity Resilience: Explained!

Sep 29, 2025 By Rubrik In Rubrik

With attackers now logging in instead of hacking in, securing your identity infrastructure is more critical than ever. Relying on a patchwork of tools for Active Directory and Entra ID creates dangerous blind spots and slows your response to threats.

View Video

Rubrik

Read more about Rubrik Identity Resilience: Explained!

Ransomware Gang Files: ALPHV BlackCat

Sep 26, 2025 By WatchGuard Technologies In WatchGuard

AlphaV isn’t just another ransomware gang - they’re innovating how cybercriminals break in. Their latest move? Pass-the-Cookie attacks; hijacking session cookies to bypass MFA and silently infiltrate your cloud.

View Video

WatchGuard

Read more about Ransomware Gang Files: ALPHV BlackCat

Preventing Data Breaches: Essential Steps Your Business Needs Today

Sep 26, 2025 By SecuritySenses In SecuritySenses

The average total cost of a data breach is now $3.86 million, making prevention a top priority for businesses of every size. Yet most organizations still struggle to stay ahead. Studies reveal that it takes nearly 280 days on average to identify and contain a breach, and the shift to remote work has only made matters worse. More than three quarters of companies report longer detection and containment times, adding an estimated $137,000 to the cost of each incident.

Read Post

SecuritySenses

Read more about Preventing Data Breaches: Essential Steps Your Business Needs Today

Olymp Loader: A new Malware-as-a-Service written in Assembly

Sep 25, 2025 By Lidia López Sanz In Outpost 24

Olymp Loader is a Malware-as-a-Service (MaaS) advertised on underground forums and Telegram since June 5, 2025. The seller, “OLYMPO”, presents Olymp Loader as fully written in assembly language and frequently markets it as FUD (Fully UnDetectable). Despite its recent appearance, many underground forum users have already posted positive reviews.

Read Post