Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cato CTRL Threat Research: Sophisticated Data Exfiltration Tools Used in Double Extortion Ransomware Attacks by Hunters International and Play

Modern ransomware attacks have evolved beyond simple encryption to deploy sophisticated double extortion tactics. Threat actors now systematically exfiltrate sensitive data before encrypting systems, ensuring leverage even when victims have robust data backups. Some ransomware gangs have even abandoned encryption altogether, recognizing that the threat of data exposure often proves more compelling for ransom payment.

To Log or Not to Log, That WAS the Question: Rethinking Data Management with Graylog

Organizations have grappled with the cost-benefit tradeoff of log management and Security Information and Event Management (SIEM) for decades. Do you capture every log at the risk of overwhelming storage, infrastructure, and license costs, or limit your collection and gamble on what’s truly important? The high costs imposed by traditional vendors have dictated Sophie’s choice, forcing enterprises into a game of compromise that risks the entire organization’s security.

WatchGuard Shows Strong Real-World Detection and 100% Malware Protection in MITRE Enterprise 2024

MSPs and IT organizations run lean and can’t afford to waste time sifting through false positives and dealing with operational inefficiencies. This is why we are pleased with our results in the 2024 MITRE ATT&CK Enterprise Evaluation, which included a new element this year to test a vendor’s ability to deal with “Noise” and distinguish between benign and malicious actions.

How GenAI Improves Email Threat Detection and Security

The role of generative AI in cybersecurity increases in direct proportion to the use of GenAI models among cybercriminals. Since attackers can now churn out human-like text, manipulate media, and create unrecognizable malware variants on a larger scale, organizations should rethink traditional approaches to email security. Generative AI can help them turn the tables on threat actors by beefing up their defenses against AI-powered email attacks.

CrowdStrike Named a Leader in GigaOm Radar for Ransomware Prevention

Ransomware continues to be one of the most pervasive and costly cyber threats facing organizations worldwide. More than 40% of organizations surveyed by ESG research experienced a successful ransomware attack in the previous 12 months, and 32% were successfully attacked more than once. The consequences of failing to protect against ransomware can be devastating for any business. Beyond financial loss, victims can suffer operational downtime, reputational damage and potential regulatory fines.

A Look Back: The Evolution of Latin American eCrime Malware in 2024

The Latin American (LATAM) cybercrime landscape continues to evolve as adversaries refine their tactics, techniques and procedures (TTPs) to bypass defenses and expand their reach. Last year, we wrote a blog detailing our LATAM cybercrime observations throughout 2023. In this blog, we examine the significant updates observed in 2024 across prominent LATAM malware families, including Mispadu, Kiron, Caiman, Culebra, Salve and Astaroth.