Ransomware Response Plan: What Steps Schools and Libraries Should Take After an Attack

In Part 1 of this blog series, "The Ransomware Threat: Preparing Schools and Libraries for Ransomware Attacks," we discussed creating a pre-incident plan that includes a backup process, asset management, identity and access management, risk-based vulnerability management, and security awareness training to minimize the risk of ransomware attacks.

Why Conventional Disaster Recovery Won't Save You from Ransomware

The conventional formula for maintaining business continuity in the face of unexpected IT disruptions is as follows: Back up your data. Make a recovery plan. Test the recovery plan periodically. That approach may work well enough if your primary concern is defending against risks like server failures or data centre outages caused by natural disasters. But in the present age of widespread ransomware attacks, conventional backup and recovery planning aren't always enough.

You're Invited: Delivering malware via Google Calendar invites and PUAs

On March 19th, 2025, we discovered a package called os-info-checker-es6 and were taken aback. We could tell it was not doing what it said on the tin. But what's the deal? We decided to investigate the matter and initially hit some dead ends. But patience pays off, and we eventually got most of the answers we sought. We also learned about Unicode PUAs (No, not pick-up artists). It was a roller coaster ride of emotions!

How to Protect Your Business from Scattered Spider's Latest Attack Methods

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors. Specifically, the group targets “organizations with large help desk and outsourced IT functions which are susceptible to their social engineering tactics.” The threat actors impersonate employees and attempt to trick IT workers into granting them access. The group also poses as IT workers to target employees.

Risks of Using Public Wi-Fi for Crypto Transactions

As cryptocurrency adoption continues to rise, the ease of managing assets through mobile wallets and trading platforms has brought a new layer of convenience. However, this accessibility can also lead to overlooked security risks, especially when users rely on public Wi-Fi networks for transactions. Airports, coffee shops, hotels, and public transportation hubs may offer free internet access, but these networks present significant vulnerabilities that can expose sensitive information.

LockBit Ransomware Gang Breached, Secrets Exposed

Oh dear, what a shame, never mind. Yes, it's hard to feel too much sympathy when a group of cybercriminals who have themselves extorted millions of dollars from innocent victims have found themselves dealing with their own cybersecurity problem. And that's just what has happened to the notorious LockBit ransomware gang, which has been given a taste of its own medicine.

New DOGE Big Balls Ransomware Tools in the Wild

During the Netskope Threat Labs hunting activities, we came across a payload that led us to a multi-stage chain involving several custom PowerShell scripts, open source tools (such as Mimikatz and Rubeus), vulnerable drivers being exploited, and red team framework payloads (such as Havoc). After further investigation, we discovered these files were part of the arsenal of what seems to be an operator of a ransomware named “DOGE Big Balls,” a variant of the Fog ransomware.

GhostGPT, the new malicious chatbot and its impact on cybersecurity

At this juncture, it is no surprise that cybercriminals are leveraging the potential of generative artificial intelligence to strengthen their attacks. However, the emergence of new models specifically designed to generate threats quickly has made this task even easier for bad actors. At the end of 2024, researchers discovered a new AI chatbot created for cybercriminal purposes.