%term

Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims

May 2, 2025 By Arctic Wolf Labs In Arctic Wolf

As part of our ongoing tracking of the threat actor TA4557 (also known as Venom Spider), the Arctic Wolf Labs team discovered a new campaign targeting corporate human resources departments and recruiters. The threat group uses phishing techniques to drop an enhanced version of a potent backdoor called More_eggs onto victim devices.

Read Post

Arctic Wolf

Read more about Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims

Ransomware Inc: Decoding the RaaS Business Model

Apr 30, 2025 By Leah Sadoian In UpGuard

When you hear the word “ransomware,” many people think of a lone hacker launching a complex cyberattack. However, ransomware attacks that paralyze businesses worldwide have evolved into the product of a highly organized, industrialized criminal ecosystem. Their secret weapon? Ransomware-as-a-Service, or RaaS.

Read Post

UpGuard

Read more about Ransomware Inc: Decoding the RaaS Business Model

The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure

Apr 30, 2025 By Guest Authors In Tripwire

According to the 2024 State of Ransomware report by Sophos, there was a 500% increase in ransom bills in the last 12 months. Moreover, an analysis by Comparitech revealed 181 confirmed ransomware incidents targeting healthcare providers in 2024, with 25.6 million records compromised. Meanwhile, there were 42 more confirmed attacks on healthcare organizations not involved in direct care provision. These additional attacks amounted to over 115 million compromised records.

Read Post

Tripwire

Read more about The Growing Threat of Ransomware-as-a-Service (RaaS) on Healthcare Infrastructure

The Dangers of Double and Triple Extortion in Ransomware Attacks

Apr 29, 2025 By Sule Tatar In Arctic Wolf

In the summer of 2024, a Russian ransomware gang launched an attack on a UK pathology services provider. However, the group didn’t just encrypt the organization’s data and demand a ransom. It exfiltrated data from more than 300 million patient interactions with the National Health Service (NHS), and when the victim organization refused to pay the hefty ransom, the group released all the stolen data on the dark web.

Read Post

Arctic Wolf

Read more about The Dangers of Double and Triple Extortion in Ransomware Attacks

Top Endpoint Protection Tools for MSPs to Stop Ransomware in 2025

Apr 29, 2025 By Evangelin Sebattini In BDRSuite

For Managed Service Providers (MSPs), ransomware attacks aren’t just a security issue, they’re a business-killing risk. In 2020, the average cost of downtime caused by ransomware was $274,200 — nearly double what it was the year before. Now, imagine you’re an MSP responsible for multiple clients, each relying on your service for their critical operations.

Read Post

BDRSuite

Read more about Top Endpoint Protection Tools for MSPs to Stop Ransomware in 2025

The Rapid Evolution of CLEARFAKE Delivery

Apr 29, 2025 By Kroll In Kroll

Kroll continues to observe widespread attempted initial access through CLEARFAKE via fake CAPTCHA pop-ups across a wide range of industry sectors. As detailed in previous Kroll reporting, CLEARFAKE is a malicious in-browser JavaScript framework deployed on compromised webpages as part of drive-by compromise campaigns. Although CLEARFAKE continues to show the same themes surrounding its use alongside fake CAPTCHA pop-ups, there are also a wide range of nuances that have appeared in the past few months.

Read Post

Kroll

Read more about The Rapid Evolution of CLEARFAKE Delivery

The Growing Threat of Ransomware to the Manufacturing Sector

Apr 29, 2025 By Kirsten Doyle In Tripwire

Ransomware has evolved from a distant “I hope it doesn’t happen to us” threat to an insidious, worldwide crisis. Among the sectors most affected is manufacturing, which has found itself more and more in attackers’ crosshairs. Manufacturing has long viewed itself as immune to digital crime, but ransomware attackers have belied this belief.

Read Post

Tripwire

Read more about The Growing Threat of Ransomware to the Manufacturing Sector

Ransomware Attacks on Critical Infrastructure Surge, Reports FBI

Apr 29, 2025 By Graham Cluley In Tripwire

The FBI is set to report that ransomware was the most pervasive cybersecurity threat to US critical infrastructure during the year of 2024. As Reuters reports, complaints of ransomware attacks against critical sectors have jumped 9% over the previous year.

Read Post

Tripwire

Read more about Ransomware Attacks on Critical Infrastructure Surge, Reports FBI

Raising the Security Bar: Essential Measures to Combat Emerging Cyber Threats

Apr 29, 2025 By SecuritySenses In SecuritySenses

Cyber threats are evolving all the time, and the pace of advancement is increasing. From malware and ransomware attacks to increasingly sophisticated phishing techniques and zero-day exploits, threat actors are constantly working to find new ways to breach our defenses, so we need to take proactive steps to raise security standards and keep our organizations on the front foot in the fight against cybercrime. In this piece, we'll discuss some essential measures you can take to do this, highlighting best practices and security technologies that can enable you to build a more threat-resilient organization.

Read Post

SecuritySenses

Read more about Raising the Security Bar: Essential Measures to Combat Emerging Cyber Threats

Ep 7: Everything Everywhere All At Once

Apr 28, 2025 By Rubrik In Rubrik

The General Manager of an electric and water utility in Littleton, Mass. gets a surprise call from the FBI. At first he suspects the caller is a spammer, but soon he learns the agent is very real. Chinese hackers are lurking deep in his utility’s systems. And his is not the only one. Hundreds of other power, water and pipeline operations across the United States are getting hit. These targets have little to no intelligence value at all. But their potential for sabotage? Enormous.

View Video