%term

Ransomware Attacks Drive a Surge in Cyber Insurance Claims

May 28, 2026 By KnowBe4 Team In KnowBe4

Cyber insurance claims surged by 40% over the past eighteen months, while ransomware payments have dropped by 44%, according to a new report from Cowbell Cyber. The three most common incident types were data breaches, cybercrime (including phishing and business email compromise), and extortion attacks (including ransomware).

Read Post

KnowBe4

Read more about Ransomware Attacks Drive a Surge in Cyber Insurance Claims

Surviving a LockBit Ransomware Attack: The ROI of Visibility

May 28, 2026 By Nicholas Sollitto In UpGuard

In August 2023, while thousands of students at William Jewell College were hauling mini-fridges and textbooks into dorms, the invisible, digital heart of the campus was flatlining. There was no internet. No email. Even the HVAC system, tied to a compromised network, had shut down in the sweltering Missouri heat. The culprit? LockBit, a prolific ransomware syndicate that just hit Boeing days prior.

Read Post

UpGuard

Read more about Surviving a LockBit Ransomware Attack: The ROI of Visibility

Reimagining Disaster Recovery: Building the Isolated Recovery Environment

May 28, 2026 By Rubrik In Rubrik

Healthcare cyber resilience depends on ransomware recovery and patient care continuity. Christian Lindmark of Stanford Health Care joins Josh Howell to discuss an innovative approach to building an isolated recovery environment. Instead of requesting significant new capital from the board, Christian proposes a hybrid model that utilizes existing disaster recovery hardware for cyber response. They explore the shift from physical disaster planning to addressing the persistent reality of cyber attacks that compromise environment trust.

View Video

Rubrik

Read more about Reimagining Disaster Recovery: Building the Isolated Recovery Environment

How Replicating Marauder Rewired the Supply Chain Playbook

May 27, 2026 By Michael Warren In BlueVoyant

In March 2026, researchers began linking a series of software supply-chain compromises to Replicating Marauder, the BlueVoyant Threat Fusion Cell (TFC) primary identifier for the actor publicly tracked elsewhere as TeamPCP. What made the campaign stand out was that trusted software was poisoned and one compromise repeatedly appeared to enable the next by exposing credentials, release paths, or Continuous Integration and Continuous Delivery or Deployment (CI/CD) trust relationships.

Read Post

BlueVoyant

Read more about How Replicating Marauder Rewired the Supply Chain Playbook

BlackToad: Network Manipulation in an AutoIt Payload

May 27, 2026 By Jack Lewis In JUMPSEC

Recently, JUMPSEC’s DART (Detection and Response Team) detected a phishing email targeting a client environment. The email, written in Thai and containing a MediaFire download link, was identified as suspicious by an incident responder and we kicked off an investigation. Since then, we have established infrastructure to track the threat actor, analysed the novel payload in detail, and identified several IoCs below.

Read Post

JUMPSEC

Read more about BlackToad: Network Manipulation in an AutoIt Payload

Analyzing real malware with Claude Code and LimaCharlie

May 27, 2026 By Daniel Ballmer In LimaCharlie

Most malware analysis workflows follow the same pattern: run a set of tools, manually review the output, build detection rules from memory, and repeat. It's reliable, but slow, and for MDR and MSSP teams handling volume, delays have a cost. In this workshop, LimaCharlie Senior Solutions Engineer Chris Botelho demonstrates a faster path: using Claude Code with LimaCharlie's reverse engineering environment to triage, analyze, and build detections against a real malware sample pulled from Malware Bazaar.

Read Post

LimaCharlie

Read more about Analyzing real malware with Claude Code and LimaCharlie

How AI Tools Are Accelerating Attacks

May 26, 2026 By Rubrik In Rubrik

Cynthia Kaiser explains how Mythos and AI are making initial access easier for ransomware groups. Watch the full video on our channel.

View Video

Rubrik

Read more about How AI Tools Are Accelerating Attacks

Disrupting Glassworm: Inside CrowdStrike's Takedown of a Developer-Targeting Botnet

May 26, 2026 By Counter Adversary Operations In CrowdStrike

On May 26, 2026, at 14:00 UTC, the CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm's command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.

Read Post

CrowdStrike

Read more about Disrupting Glassworm: Inside CrowdStrike's Takedown of a Developer-Targeting Botnet

Ransomware Trends, Attack Methods, and Protection Strategies

May 25, 2026 By SafeAeon Inc. In SafeAeon

Ransomware has moved beyond simple malware attacks. It is now operating under a structured business model that disrupts operations, not just systems. Attackers are not depending on phishing or malicious files to deploy ransomware. They instead use compromised identities and existing tools present within environments to move undetected. By the time encryption starts, the attack has already progressed across systems.

Read Post

SafeAeon

Read more about Ransomware Trends, Attack Methods, and Protection Strategies

Running the Inverted Offensive Campaign with Adam Karcher

May 23, 2026 By Rubrik In Rubrik

- What happens when the adversary’s dwell time is measured in years, but your defense is measured in tickets? Adam Karcher, FBI Supervisory Special Agent, Cyber Division, and a member of the Bureau’s AI Working Group, joins the show to break down the "convergent evolution" of modern cyber threats. Karcher explains why defenders are often stuck in a cleanup cycle, while threat actors operate in a sophisticated, compartmentalized ecosystem that requires a fundamental shift in defensive strategy.

View Video