SafeBreach Coverage for US CERT AA25-071A (Medusa Ransomware)

On March 12, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a joint Cybersecurity Advisory (CSA) titled “#StopRansomware: Medusa Ransomware” (Alert Code: AA25-071A).

Widespread Fake CAPTCHA Campaign Delivering Malware

Arctic Wolf has recently observed a campaign in which threat actors are compromising widely used websites across various industries and embedding a fake CAPTCHA challenge. When victims visit the site, they are presented with the CAPTCHA challenge or redirected to a site that provides instructions, triggering PowerShell code execution and ultimately leading to the loading of information stealer malware.

Medusa Ransomware: FBI and CISA Urge Organizations to Act Now to Mitigate Threat

The Medusa ransomware gang continues to present a major threat to the critical infrastructure sector, according to a newly released joint advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC).

The Mike Tyson Approach to Cybersecurity: Beyond Prevention

Everyone has a plan until they get punched in the face - and cyberattacks are that punch. While traditional security focuses on prevention, true resilience comes from how you respond and recover. Learn why organizations must build better infrastructure, processes, and talent post-breach instead of rushing back to normal operations. The human toll of attacks is real, but avoiding post-incident reflection is the biggest mistake you can make.

Beware: Malvertising Campaign Hits Nearly a Million Devices

Microsoft warns that a widespread malvertising campaign hit nearly one million devices around the world. The campaign, which began on illegal streaming sites, impacted both consumer and enterprise devices across a wide range of industries. “Analysis of the redirector chain determined the attack likely originated from illegal streaming websites where users can watch pirated videos,” Microsoft says.

Combating Ransomware, Phishing, and Zelle Fraud at Financial and Bank SOCs

Banking and financial services companies sit on a goldmine of sensitive customer data, making them a prime target for phishing and ransomware attackers hoping to strike a payout. Even with defenses like MFA and security training, human error continues to be a critical point of failure for financial institutions — a 2024 report found that 3 out of every 1000 individuals working in banking click on a phishing link each month.

Resurgence of a Fake Captcha Malware Campaign

During an Advanced Continual Threat Hunt (ACTH) investigation in early February 2025, Trustwave SpiderLabs discovered a resurgence of fake CAPTCHA verifications designed to deceive victims into executing malicious PowerShell scripts. This campaign employs a multi-stage PowerShell execution process, ultimately delivering infostealers such as Lumma and Vidar.

The Harsh Reality of Ransomware Attacks: It's Not a 4-Hour Fix

Even well-prepared organizations with strong security are surprised by the intensity and length of cyber attacks. Heather Hughes notes that many expect quick solutions but are unprepared for the reality. "This process isn't over in two days," she explains, countering the myth of a 'big red button' fix. For more on how organizations should prepare, hear Heather, VP at Aon Cyber Solutions, in the latest episode of the podcast.