
Ransomware Strikes! What to Do in the First 60 Minutes: Understanding the Threat (Part 1)

Are you prepared for a ransomware attack? In this crucial first part of our "Ransomware Strikes! What to Do in the First 60 Minutes" series, we pull back the curtain on one of the most terrifying cyber threats facing businesses today. Join VISTA InfoSec, an officially empaneled organization with CREST, PCI Council, CSRO SG, SWIFT, and CERT-IN, as we dive deep into the reality of ransomware in 2024. We'll reveal staggering statistics, including the average cost of an attack ($5.13 million!) and the heartbreaking truth about small businesses.

The #1 Way Companies Get Hacked (It's Not What You Think)

Plot twist: The biggest cyber threat isn't coming from hackers breaking in... It's coming from vendors you INVITED in! Most companies only discover their third-party risks during ransomware simulations - when it's too late to fix them. Here's the uncomfortable reality: You don't know who has access to your systems. You don't know what they can actually touch. You're one vendor breach away from disaster.

GIFTEDCROOK's Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

The Arctic Wolf Labs team has discovered that the cyber-espionage group UAC-0226, known for utilizing the infostealer GIFTEDCROOK, has significantly evolved its capabilities. It has transitioned the malware from a basic browser data stealer (which we’re referring to as v1), through two new upgrades (v1.2 and v1.3) into a robust intelligence-gathering tool. Analysis of early files from February 2025 suggests that the GIFTEDCROOK project began as a demo during that period.

DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery

Netskope Threat Labs has discovered a campaign using fake installers to deliver the Sainbox RAT and Hidden rootkit. During our threat hunting activities, we encountered multiple installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek. These installers were mainly MSI files that were delivered via phishing websites. Both the phishing pages and installers were in Chinese, indicating that the targets are Chinese speakers.

Why Hackers Ignore Zero-Days (And What They Use Instead)

You'd think hackers use the latest zero-day exploits, right? WRONG! PwC's threat intelligence reveals hackers are actually exploiting OLD vulnerabilities that companies just... forgot to patch. While cybersecurity teams chase shiny new threats, criminals are walking through the front door with keys we left lying around. The scariest part? Even criminal groups (not just nation-states) are making this their primary attack method.

RPM Global Streamlines Operations and Enhances Data Security with Rubrik

RPM Global, a leading ASX-listed mining advisory and software company, turns to Rubrik for operational resilience. Challenged by a phishing attack on its core business unit in the past, RPM Global now leverages Rubrik’s comprehensive product suite, including M365 Protection, Rubrik Cloud Vault, and Edge, to safeguard its most valuable asset - customer data.

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

Dire Wolf is a newly emerged ransomware group first observed in May 2025. Trustwave SpiderLabs recently uncovered a Dire Wolf ransomware sample that revealed, for the first time, key details about how the ransomware operates. Since its discovery, the Dire Wolf ransomware group has launched a series of targeted attacks across multiple sectors and regions, with an emphasis on the manufacturing and technology sectors.

Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay

Imagine for one moment that you are a cybercriminal. You have compromised an organisation's network, you have stolen their data, you have encrypted their network, and you are now knee-deep in the ransomware negotiation. However, there's a problem. Your target is stalling for time. Who can you, as the perpetrator of the crime rather than the innocent victim, turn to for advice? Well, if you are an affiliate of the Qilin ransomware group, you can simply hit the "Call Lawyer" button.