Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild

XWorm, a popular and actively distributed remote access trojan (RAT), has steadily evolved into a versatile tool in the cybercriminal toolkit. Known for its robust feature set, ranging from keylogging and remote desktop access to data exfiltration and command execution, XWorm continues to attract threat actors due to its ease of use, modularity, and frequent updates by its developers.

To Report or Not to Report Ransom Payments - Possibly Not Worth the Effort

Just a recap - Trustwave in no way endorses ransom payments. We believe the best way to deal with a ransomware situation is to: A: Create a strong defensive posture that will deter, if not stop, an attack. B: Have in place a solid and well-practiced incident response plan that includes backups so an organization can quickly recover from any attack.

To Report or Not to Report Ransom Payments - A Helpful and Useful Idea

Just a recap - Trustwave in no way endorses ransom payments. We believe the best way to deal with a ransomware situation is to: A: Create a strong defensive posture that will deter, if not stop, an attack. B: Have in place a solid and well-practiced incident response plan that includes backups so an organization can quickly recover from any attack.

Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats

Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the last few months, the group has escalated its activity—targeting financial services and launching coordinated ransomware campaigns that have crippled operations and exposed sensitive data.

When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign

Software installer packages are a cornerstone of user-friendly software distribution. Tools like Inno Setup, NSIS (Nullsoft Scriptable Install System), and InstallShield help developers bundle their applications into a single, streamlined installer that users can run with just a few clicks. These installers often include everything needed to set up a program (files, configurations, and even system dependencies), making software installation seamless and accessible.

CrowdStrike Services Observes SCATTERED SPIDER Escalate Attacks Across Industries

SCATTERED SPIDER, an eCrime adversary, has recently broadened its target scope to include the aviation sector, in addition to its established focus on the insurance and retail industries, as observed by CrowdStrike Services. Throughout Q2 2025, SCATTERED SPIDER's activities have primarily centered on U.S.-based insurance and retail entities, along with U.K.-based retail entities.

Ransomware Strikes! What to Do in the First 60 Minutes: Understanding the Threat (Part 2)

Are you prepared for a ransomware attack? In this 2nd part of our "Ransomware Strikes! What to Do in the First 60 Minutes" series, we move forward on one of the most terrifying cyber threats facing businesses today. Join VISTA InfoSec, an officially empaneled organization with CREST, PCI Council, CSRO SG, SWIFT, and CERT-IN, as we dive deep into the reality of ransomware in 2024. We'll reveal staggering statistics and solutions that you ought to execute to escape the mess.

Malvertising Campaign Delivers Oyster/Broomstick Backdoor via SEO Poisoning and Trojanized Tools

Since early June 2025, Arctic Wolf has observed a search engine optimization (SEO) poisoning and malvertising campaign promoting malicious websites hosting trojanized versions of legitimate IT tools such as PuTTY and WinSCP.