Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We are often asked how Rubrik Security Cloud differs from AWS Backup. It's a valid question because, at first glance, the two solutions seem similar. Both have cloud-first, API-driven architectures. Both are built specifically to ensure reliable backup and recovery for data stored across AWS. Both support a wide range of the most popular AWS workloads including EC2, EBS, S3, RDS and EKS.

At Rubrik, we rely on a multi-tenant architecture to store customer metadata in a large fleet of Cloud SQL database instances. With numerous production deployments globally, each supporting multiple customer accounts, maintaining high availability, performance, and robustness across this infrastructure is critical. Managing a large fleet of Cloud SQL instances and ensuring they remain resilient and performant has been a journey filled with valuable lessons.

While malware growth is something we have been experiencing over the past few years, the increase observed by WatchGuard's threat lab team in Q3 2024 was the highest to date. Q3 saw astronomical growth in total endpoint malware threats, reaching 300.48% with 420,304 threats. The previous high was recorded in Q1 2024, when there was an 81.77% rise, almost double the previous quarter. However, Q3 almost quadrupled the figure for Q2 2024 when 104,951 threats were detected.

Reverse engineering the AsyncRat malware infection, exploring the means of deployment and staging.

Imagine you are the owner of a bustling casino casually observing the vibrant scene: The clatter of slot machines, wagers are being placed, the cheerful chatter of gamblers, and waiters are serving cocktails. Everything appears normal until, without warning, the machines fall silent. However, it doesn’t stop there. Elevators grind to a halt, parking gates freeze shut, and guests find themselves locked out of their rooms as digital door keys fail to function.

In 2024, Cyjax observed the emergence of 72 extortion and ransomware group data-leak sites (DLSs). As of late February 2025, Cyjax has identified DLSs for six new groups in 2025, as noted in recent blogs on extortion groups Kraken, Morpheus, GD LockerSec, Babuk2, and Linkc. The latest DLS which Cyjax has identified is named Anubis. This Ransomware-as-a-Service (RaaS) group appears to be sophisticated and professional, providing services including affiliates, data ransoms, and access monetisation.

Cybercrime has rapidly evolved, and one of the most dangerous models that has emerged in recent years is malware as a service (MaaS). This criminal business model allows anyone without advanced programming knowledge to deploy highly effective malware campaigns by paying a subscription or a one-time fee. MaaS democratizes access to malicious tools and amplifies both the quantity and sophistication of cyberattacks.