
GIFTEDCROOK's Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

The Arctic Wolf Labs team has found that UAC-0226, the cyber-espionage group known for using the GIFTEDCROOK infostealer, has significantly expanded the malware's capabilities. GIFTEDCROOK has moved from a basic browser data stealer (which we're referring to as v1), through two subsequent releases (v1.2 and v1.3), to a broader intelligence-gathering tool that collects and exfiltrates documents rather than just browser data. Analysis of early samples from February 2025 suggests the GIFTEDCROOK project began as a demo during that period.

DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery

Netskope Threat Labs has discovered a campaign that uses fake installers to deliver the Sainbox RAT and the Hidden rootkit. During our threat hunting activities, we encountered multiple installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek. The installers were mainly MSI files delivered through phishing websites. Both the phishing pages and the installers were in Chinese, indicating that the targets are Chinese speakers.

Why Hackers Ignore Zero-Days (And What They Use Instead)

You'd think hackers use the latest zero-day exploits, right? Wrong. PwC's threat intelligence shows that attackers are actually exploiting old, well-known vulnerabilities that companies simply forgot to patch. While security teams chase shiny new threats, criminals walk through the front door with keys we left lying around. The scariest part? Even criminal groups, not just nation-states, are making this their primary attack method.

RPM Global Streamlines Operations and Enhances Data Security with Rubrik

RPM Global, a leading ASX-listed mining advisory and software company, has turned to Rubrik for operational resilience. After a phishing attack on its core business unit, RPM Global now uses Rubrik's product suite, including M365 Protection, Rubrik Cloud Vault, and Edge, to safeguard its most valuable asset: customer data.

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

Dire Wolf is a newly emerged ransomware group first observed in May 2025. Trustwave SpiderLabs recently uncovered a Dire Wolf ransomware sample that, for the first time, revealed key details about how the ransomware operates. Since its discovery, the Dire Wolf group has launched a series of targeted attacks across multiple sectors and regions, with an emphasis on the manufacturing and technology sectors.

Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay

Imagine for one moment that you are a cybercriminal. You have compromised an organisation's network, you have stolen their data, you have encrypted their network, and you are now knee-deep in the ransomware negotiation. However, there's a problem. Your target is stalling for time. Who can you, as the perpetrator of the crime rather than the innocent victim, turn to for advice? Well, if you are an affiliate of the Qilin ransomware group, you can simply hit the "Call Lawyer" button.

Play Ransomware Is Back: FBI Warning for Growing Enterprise Risk

In June 2025, the FBI, CISA, and the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) updated their joint cybersecurity advisory to warn of a significant resurgence in Play ransomware attacks. The alert cites over 900 confirmed victims across the public sector, healthcare, and SMBs. Play actors instruct victims to contact them through email addresses on German webmail domains such as @web.de and @gmx.de, which is a useful indicator when triaging ransom notes.

Ransomware Attack Simulation: Did They Survive? #cybersecurity #ransomware

Mend.io, formerly known as WhiteSource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.