
Breaking Down Ransomware-as-a-Service

Ransomware-as-a-service is a business model where ransomware operators and third parties, called “affiliates,” work together to launch ransomware attacks. RaaS was first identified in 2012 with the Reveton ransomware strain, and in the subsequent decade it has exploded into a sophisticated and ever-evolving cybercrime tactic.

Byte Back: Next-Generation Malware Classification Using Binary Transformers

In recent years, Transformer models have been the backbone of the revolution within the artificial intelligence sector. They are the basis of large language models (LLMs) and responsible for LLMs’ ability to understand and generate text of a human-like quality. Transformers are able to learn long-range interactions between words and sentences, allowing them to retain high-level concepts and insights into their training data.

A Deep Dive into Strela Stealer and how it Targets European Countries

Infostealers have dominated the malware landscape due to the ease of threat operations maintenance and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target a narrow data set on systems located in chosen geographic locations. The Strela Stealer (Russian: Стрела, lit. 'Arrow') is an infostealer that exfiltrates email log-in credentials and has been in the wild since late 2022.

Data at Risk: 96% of Ransomware Attacks Involve Data Theft

A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up. “As potential victims implemented more reliable backup and restoration processes, ransomware operators introduced data exfiltration as a means to apply additional pressure and protect their revenue streams,” Arctic Wolf says.

Cactus Ransomware: What You Need To Know

Cactus is a ransomware-as-a-service (RaaS) group that encrypts victims' data and demands a ransom for a decryption key. Hundreds of organisations have found themselves the victim of Cactus since it was first discovered in March 2023, with their stolen data published on the dark web as an "incentive" to give in to the extortionists' demands.

February 2025 Cybersecurity Consulting Updates and Ransomware Activity

Each month, we break down critical cybersecurity developments, equipping security professionals with actionable intelligence to strengthen defenses. Beyond threat awareness, this blog also provides insights into incident readiness and response, drawing from real-world experiences in consulting cybersecurity services. Learn how organizations can proactively prepare for cyber incidents, mitigate risks, and enhance their resilience against evolving attack vectors.

Trouble Brewing: Dissecting a fake homebrew update that stole user data

A few weeks ago, a malware campaign that leveraged Google Ads to promote a fake Homebrew website caught my attention. It tricked users into running an installer command that downloaded and executed a malicious binary, resulting in an info stealer being introduced to the user’s machine.

People and Process Drive Technology: Modern Ways to Bridge IT Ops and Security

In this episode of Into the Breach, James Purvis and Mike Schmidt tackle the evolving relationship between IT Ops and IT Security. They discuss how eliminating silos, adopting a people-and-process-driven approach, and embracing platformization can bridge the gap between these traditionally separate teams. Learn how modern organizations are shifting from best-of-breed solutions to integrated platforms to improve collaboration, streamline workflows, and achieve faster, more effective outcomes as cloud adoption skyrockets.

The Rise of Perfect Clones: The Darcula Phishkit and How to Stop It

It’s no secret that phishing has always relied on deception. Scam-targeted enterprises the world over warn their customers of the social engineering tactics and brand impersonation designed to trick them into handing over credentials. Besides email-based phishing, social media has become a hotbed for phishing attacks, with scammers using fake ads, impersonated accounts, and fraudulent messages to lure users.