The United States, is a prime target for cyber attacks. The U.S. retail sector, which holds nearly one-third of the global market share, has seen a significant rise in ransomware incidents, accounting for 45% of global retail ransomware cases in the past three quarters—a 9% increase from 2023. New groups like Ransomhub and Hunters have emerged and supply chain threats have increased. Social engineering tactics are on the rise, with attackers impersonating IT personnel.

In this blog we will cover what we know about the Finastra breach, what we know about who might have been compromised and an analysis of the validity of the Threat Actor abyss0.

The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations.

The National Institute of Standards and Technology (NIST) has released version 2.0 of its Cyber security Framework (CSF), significantly elevating cyber security guidelines. This update brings in major changes that will affect several actors like Chief Information Security Officers (CISOs), Managed Security Service Providers (MSSPs), and individual users, among others.

Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.

The typical Security Operations Center (SOC) faces a wide variety of responsibilities. In addition to monitoring internal systems for signs of threats and breaches, modern SOCs are tasked with managing external risks through practices such as: Each of these practices addresses different types of risks, and it would be wrong to say that any one practice is fundamentally more important than the others.

Telegram, with over 700 million users globally, is widely known for its privacy features, but its lack of strict moderation has made it a favored platform for cyber criminals. Over recent years, the platform has been linked to illegal activities, including drug and weapons trafficking, child exploitation, and cyber crime operations like phishing, malware distribution, and stolen data trading.

The Cyberint Europe Threat Landscape 2024-2025 report sheds light on the increasingly complex and evolving cyber threat environment affecting organizations across Europe and the UK. Leveraging data from Cyberint—which monitors threats like phishing, malware, and supply chain vulnerabilities—the report highlights a surge in malicious activities driven by global conflicts, technological shifts, and the growing use of generative AI in cybercrime.

Although 2024 began with a Q1 decline in the frequency of ransomware attacks, the second quarter was underscored by a return to a much more intimidating world of ransomware attacks globally, and the third quarter continues the trend of the second. In Q2 2024, the number of attacks stood at 1,277 cases, but Q3 saw a small decrease of 5.5% with 1209 cases.

For phishing scammers, the holidays are the most wonderful time of the year – or so holiday phishing trends would suggest. Cyberint research shows that phishing alerts surged by 46 percent last December compared to the monthly average observed throughout the year. Similarly, an Akamai study found a 150 percent increase in phishing victims between mid-October and late November 2021.