%term

What Is Extortionware? Going Beyond Ransomware

May 27, 2025 By Shaun Quarton In Splunk

Extortionware involves stealing sensitive data from an organization and threatening to leak it. It’s become a core tactic in the modern ransomware playbook, and if your business holds valuable or confidential information, it’s a threat you can’t afford to ignore. Today, we’re taking a closer look at what extortionware is, how it works, and why it’s become one of the most difficult cyber threats to defend against.

Read Post

Splunk

Read more about What Is Extortionware? Going Beyond Ransomware

Why Codefinger represents a new stage in the evolution of ransomware

May 27, 2025 By Justin Giardina, Chief Technology Officer In 11:11 Systems

Forget typical ransomware! Codefinger hijacked cloud keys directly, exposing backup flaws and shared responsibility risks. Time to rethink defence. If you didn't pay much attention to news of the recent Codefinger ransomware attack, it's possibly because ransomware has become so prevalent that major incidents no longer feel notable. But Codefinger is not just another ransomware breach to add to the list of incidents where businesses lost sensitive data to attackers. In key respects, Codefinger represents a substantially new type of ransomware attack.

Read Post

11:11 Systems

Read more about Why Codefinger represents a new stage in the evolution of ransomware

How To Remove Adware From Your Computer

May 25, 2025 By Keeper Security In Keeper

Is your computer slowing down with endless pop-ups? You may have adware! Learn how to remove adware from your computer in three simple steps and how to stop adware from coming back by watching this quick video.

View Video

Keeper

Read more about How To Remove Adware From Your Computer

3AM Ransomware Attackers Pose as IT Support to Compromise Networks

May 23, 2025 By Graham Cluley In Tripwire

Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Attackers affiliated with the 3AM ransomware group have combined a variety of different techniques to trick targeted employees into helping them break into networks. It works like this.

Read Post

Tripwire

Read more about 3AM Ransomware Attackers Pose as IT Support to Compromise Networks

The Lumma Stealer InfoStealer: The Details

May 22, 2025 By Coral Tayar In Cyberint

Original Article published Decmber 2023. Update May 22nd 2025: The FBI has seized user panels and other Lumma C2 infrastructure. As of now, we don’t see the Lumma info-stealer disappearing from the arena. Our team is on guard to check and analyze the changes. This case shares similarities with the so called seizure of infrastructure of RedLine and Metta info stealers in October 2024 by the FBI, DOJ, Dutch authorities, etc.

Read Post

Cyberint

Read more about The Lumma Stealer InfoStealer: The Details

CrowdStrike Collaborates with U.S. Department of Justice on DanaBot Takedown

May 22, 2025 By Counter Adversary Operations In CrowdStrike

Effective collaboration is essential when confronting today's sophisticated cyber adversaries, particularly those operating with state tolerance or direction. At CrowdStrike, we routinely work alongside law enforcement agencies and industry partners to identify, monitor, and mitigate cyber threats. Recently, we provided technical assistance to the U.S.

Read Post

CrowdStrike

Read more about CrowdStrike Collaborates with U.S. Department of Justice on DanaBot Takedown

SafeBreach Coverage for US CERT AA25-141B (Sticky Werewolf)

May 22, 2025 By Tova Dvorin In SafeBreach

On May 21, 2025, the FBI and CISA released a joint Cybersecurity Advisory (CSA), designated AA25-141B, warning about the rise in attacks leveraging LummaC2, attributed to a threat group referred to internally as Sticky Werewolf, this cyber espionage campaign has used LummaC2 malware since at least April 2023 to target Russian and Belarusian government agencies, science centers, and aviation manufacturers.

Read Post

SafeBreach

Read more about SafeBreach Coverage for US CERT AA25-141B (Sticky Werewolf)

The Ransomware Threat: Still Alive and Kicking

May 22, 2025 By Javvad Malik In KnowBe4

Many organizations, after a period of relative quiet, might believe the ransomware bubble has burst. The headlines may have shifted, and other emerging cyber threats might seem to dominate the news cycle, but recent data from Marsh's 2024 UK cyber insurance claims report suggests otherwise. It paints a stark picture of an ongoing and evolving threat landscape. While claims decreased by 20% compared to 2023, they remained significantly higher than in previous years.

Read Post

KnowBe4

Read more about The Ransomware Threat: Still Alive and Kicking

Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare

May 22, 2025 By Katrina Thompson In Tripwire

Health-ISAC recently released their 2025 Health Sector Cyber Threat Landscape Report, a comprehensive outline of the malicious activity aimed at healthcare in the previous year. Not surprisingly, ransomware was cited by security professionals in the industry as the number one threat of 2024 and the top area of concern coming into 2025 (followed by third-party breaches, supply chain attacks, and zero-day exploits). Some things never change. However, when it comes to ransomware, they do evolve.

Read Post

Tripwire

Read more about Health-ISAC 2025 Report: Ransomware Still Reigns as #1 Threat to Healthcare

Reviewing Penetration Test Pricing In 2025: A Practical Guide for UK and EU Buyers

May 22, 2025 By SecuritySenses In SecuritySenses

Penetration testing costs in the UK and EU can range from a few thousand pounds to well over £20,000. At a glance, many of these tests look the same. So why the price gap? In 2025, pricing models haven't changed much. Most tests are still priced per day, but the complexity of what's being tested has changed. The rise of custom internal tools (many "vibe coded" by non-IT or security teams), shadow IT, SaaS stacks, and cloud sprawl means that scoping a pen test properly takes more time and care.

Read Post