Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The recent UK Home Office proposal designed to hinder and disrupt ransomware operations through several proposed measures, including a targeted ban on ransomware payments, has again brought this question into the public square. The question of whether to pay a ransom demand is a decades-long argument with ardent opinions on both sides.

Ongoing campaign uses TorNet backdoor, Lynx ransomware group operates advanced affiliate program, and Cisco Talos releases Q4 incident response trends report.

Two newcomers have made their way onto the ransomware threat group stage, becoming the biggest threat to the energy and utilities sector in 2025. According to the most recent data from Trustwave SpiderLabs’ Energy and Utilities Sector Deep Dive: Ransomware Threat Groups, Hunters International and Qilin (pronounced Chee Lin) displaced LockBit as the most active group attacking these sectors.

Here are the top five reasons why safeguarding your M365 environment is critical, especially in recent years: Our team of experienced security experts here at Opti9 have devised a comprehensive list of actionable items to improve the security posture of your Microsoft 365 environments. Here are a few action items to properly protect your Microsoft 365 environment.

Researchers at Cisco Talos warn that a new phishing campaign is targeting users in Germany and Poland in an attempt to deliver several strains of malware, including a new backdoor dubbed “TorNet.” The phishing emails purport to be fake money transfer confirmations from financial institutions or phony order receipts from manufacturing and logistics companies.

Trustwave SpiderLabs has multiple methods and tools available to keep its teams apprised of the tactics, techniques, and procedures (TTPs) threat groups utilize during an attack, but perhaps the most useful is our cloud-native Fusion dashboard.

Here's a closer look at one such advanced malware employed with tools by Black Basta—to name a few, Zbot, DarkGate, and customer-designed payloads on order as well—and how these latter help in extracting data coupled with sustaining unauthorized access at some distance. Introduction.

Following the emergence of data-leak sites (DLSs) for extortion group’s Morpheus and GD LockerSec in January 2025, Cyjax has discovered a DLS which claims that the infamous Babuk ransomware group has returned. Read on to find out what we know so far.

Ransomware is one of the most prominent cybersecurity threats today, often spreading via phishing emails, malicious links, infected attachments, or exploiting software vulnerabilities. It is a type of malware designed to block access to files, data, or entire systems until a ransom is paid, usually in cryptocurrency. Beyond the financial impact, ransomware causes operational disruption and long-term reputational damage. The frequency and scale of ransomware attacks have surged in recent years.