Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: A Coinbase hacker jailed for a $900K crypto scam, a North Korean hacker indicted for ransomware attacks on hospitals, and more.

Evasive Panda deploys new versions of Macma backdoor and Nightdoor, cybercriminals work independently after RaaS takedowns, and a new Linux Play variant targets VMware ESXi systems.

Ransomware attacks continue to pose a growing threat to organizations as it has emerged as the number one threat, affecting 66% of organizations in 2023 and pulling over $1 billion from the victims. These attacks have increased in frequency and sophistication, resulting in significant financial loss, operation disruption, theft of sensitive data, and reduced productivity rates. Also, it damages the organization's reputation and results in the loss of customer trust and compliance violations.

At Rubrik, we take software security extremely seriously. That's why we're proud to announce that Rubrik has adopted the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design Pledge. This voluntary pledge focuses on enterprise software products and services, and by taking it, we're committing to make a good-faith effort to work towards seven key goals over the next year to further enhance the security of our offerings.

Drawing on extensive proprietary research, Trustwave SpiderLabs believes the threat actors behind the Facebook malvertising infostealer SYS01 are the same group that developed the previously reported Rilide malware. Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01 – Part 2 lays out evidence tying the latest Rilide (V4) version to SYS01. The report noted the code from the two malware types overlaps in too many areas to be a simple coincidence.

Ransomware risk is top of mind for citizens and CISOs alike. From the board room to the room known as the ‘SOC’, everyone is feeling the pain of disruption. Being locked out of a system and forced back to pen and paper is shocking to our working lives. Too often, it is delaying a much-needed surgery or forcing manual intervention where a digital avenue was easy and efficient. But the effects of ransomware don’t appear to be going anywhere soon.

In the ever-evolving world of cybercrime, ransomware attacks continue to be a lucrative business for cybercriminals. The latest development comes from the Dark Angels ransomware group, who have reportedly secured a staggering $75 million ransom payment from an undisclosed victim. This eye-watering sum shatters the previous record of $40 million paid by insurance giant CNA Financial in 2021, setting a new and alarming benchmark in the ransomware landscape.

In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats by the SafeBreach Labs team. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.