Stop Remote Ransomware Attacks with Falcon Endpoint Security

Ransomware is a rapidly evolving threat, with attackers increasingly turning to remote techniques that target network shares. To help defend against these tactics, CrowdStrike Falcon Prevent endpoint security includes a capability called File System Containment, which is precision-focused to block malicious file system actions over Windows Server Message Block (SMB) shares, halting encryption as soon as possible.

Cloak Ransomware: Who's Behind the Cloak?

Emerging between late 2022 and the beginning of 2023, Cloak Ransomware is a new ransomware group. Despite its activities, the origins and organizational structure of the group remain unknown. According to data from the group’s DLS (data leak site), Cloak has accessed 23 databases of small-medium businesses, selling 21 of them so far. Out of these, 21 victims paid the ransom and had their data deleted, 1 declined and 1 is still in negotiations, indicating a high payment rate of 91-96%.

Qilin Ransomware: Get the 2025 Lowdown

Qilin operates as an affiliate program for Ransomware-as-a-Service, employing a Rust-based ransomware to target victims. Qilin ransomware attacks are often tailored for each victim to maximize their impact, utilizing tactics like altering filename extensions of encrypted files and terminating specific processes and services.

Helping the Financial Sector Deliver Secure and Modern Infrastructure through Regulation

In 2024, ransomware continues to be the most prevalent form of cyber-attack, affecting three out of four organisations, according to Veeam. The increasing frequency and sophistication of these attacks are driven by easy access to ransomware kits on the dark web and the significant profits cybercriminals generate through extortion schemes.

Alert: Scattered Spider is Targeting the Aviation Sector

The US FBI and cybersecurity experts are warning that the Scattered Spider extortion gang has shifted its focus to the aviation and transportation sectors, BleepingComputer reports. The group spent the past several months targeting companies in the retail and insurance sectors, and has now hit several airlines. Scattered Spider uses social engineering attacks to gain initial access, then steals data and/or deploys ransomware to extort their victims.

WatchGuard Report: Malware Explodes Across Network and Endpoints

In WatchGuard’s just-released Q1 2025 Internet Security Report, one thing is clear: attackers are getting faster, stealthier, and more sophisticated, powered by an underground boom in AI tools. The numbers speak for themselves: These insights paint a clear picture: evasive, AI-driven threats are reshaping the cybersecurity battlefield. Organizations must adapt with layered, intelligent, and proactive defenses to stay ahead.

Cato CTRL Threat Research: Overview of BloodHound and Associated Collectors Including ShadowHound, SharpHound, and SoapHound

Think back to when you were a kid, eyeing a cookie jar on the top shelf. Getting to it wasn’t just about reaching; it was about strategy. You had to avoid making noise, pick the sturdiest route, and time your move perfectly to avoid getting caught. Imagine having a team of expert scouts feeding you all the correct information: where the dangers are, which surfaces can support you, and the best way to grab that prize unnoticed. That’s exactly what BloodHound does.

Ransomware Strikes: Actionable Steps Minute 20-60 (Part 3)

In Part 3 of our Ransomware Strikes series, we cover the important steps to take from minute 20 to minute 60 of a ransomware attack to preserve vital evidence and ensure an effective response. Global ransomware damage costs are projected to reach $20 billion annually by 2025, up from $5 billion in 2021. Organizations of all sizes are vulnerable; in 2023 alone, over 60% of organizations reported experiencing a ransomware incident.