
A DLS EMERGEncy! - Record breaking extortion group DLS emergence in 2025

As the threat landscape continues to develop, ransomware and data broker groups constantly emerge, develop, and disband. Cyjax has observed a significant number of new data-leak sites (DLS) emerge in March 2025, with a total of 14 new sites. This is the highest observed number of extortion groups which have emerged in a single month. The second highest number was observed in September 2022, when 10 data-leak sites emerged. Overall, 21 DLSs have been identified in 2025 so far.

Does Cloud Backup Protect Against Ransomware?

As of 2024, 75 active ransomware groups were targeting healthcare organisations, other businesses, and individuals, threatening victims with data loss or public leaks unless they paid large sums for a decryption key. Many security organisations and cybersecurity experts are working to keep ransomware from becoming routine. One question on many people's minds is: does cloud backup protect against ransomware?

HellCat Ransomware: What You Need To Know

HellCat is the name of a relatively new ransomware-as-a-service (RaaS) group that first came to prominence in the second half of 2024. Like many other ransomware operations, HellCat breaks into organisations, steals sensitive files, and encrypts computer systems - demanding a ransom payment for a decryption key and to prevent the leaking of stolen files.

Malicious Memes: How Cybercriminals Use Humor to Spread Malware

Internet memes and viral content have become a universal language of online culture. They're easily shareable, often humorous, and can spread rapidly across various platforms. However, this same virality and cultural resonance make memes an attractive vector for cybercriminals and threat actors. Anatomy of a meme: Memes are nothing new, and have been around for decades. In fact, a comic published in 1921 followed one of today's most common meme themes: ‘Expectation vs.

Hide and Fail: Obfuscated Malware, Empty Payloads, and npm Shenanigans

On March 14th 2025, we detected a malicious package on npm called node-facebook-messenger-api. At first, it seemed to be pretty run-of-the-mill malware, though we couldn’t tell what the end goal was. We didn’t think much more of it until April 3rd 2025, when we saw the same threat actor expand their attack.

Master Advanced Threat Investigation: Forensic Analysis with Cato Sandbox

In this video, we walk you through how Cato Networks' anti-malware and NextGen anti-malware solutions block both known and unknown threats in real time, before they can spread. But stopping malware is only the beginning. Learn how Cato Sandbox takes your cybersecurity strategy to the next level. We’ll show you how to quickly enable Cato Sandbox, demonstrate real-time malware blocking, and explore a full forensic analysis via the Cato Management Application (CMA). Watch as we break down.

Babuk2 Bjorka: The Evolution of Ransomware for 'Data Commoditization'

An investigation that started with a tip from one of our threat intel sources about the revival of the Babuk (figure 1) threat group has led Trustwave SpiderLabs to uncover what appears to be a paradigm shift in the ransomware landscape. Figure 1. SpiderLabs telemetry (January 2025 events). Figure 1A. February to March events. Figure 1B. SpiderLabs telemetry (March 2025 events).

Malware hiding in plain sight: Spying on North Korean Hackers

On March 13th 2025, our malware analysis engine alerted us to a potentially malicious package that had been added to npm. First indications suggested this would be a clear-cut case; however, when we started peeling back the layers, things weren’t quite as they seemed. Here is a story about how sophisticated nation-state actors can hide malware within packages.

Launching Aikido Malware - Open Source Threat Feed

Our Aikido Intel team has been identifying undisclosed open-source vulnerabilities using LLM-driven analysis and human verification. Now, we’re expanding our supply chain security research to detect and track malware in open-source packages, cheaper, better, & faster than what exists today.
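The three npm items above (the obfuscated node-facebook-messenger-api package with its empty payload, the nation-state package that hid its malware under several layers, and the open-source malware feed) all turn on the same first step: static triage of a package for install-time hooks and obfuscation markers before anything is executed. The script below is an added example written for this page; it is not Aikido's engine nor code from any vendor listed here. The indicator set (lifecycle hooks, eval/new Function, hex-escaped literals, long base64 runs, child_process, Buffer.from(…, 'base64')) and the "empty payload" rule are assumptions about what a triage pass would check, and the two sample packages are constructed inline.

```python
"""Static triage of an npm package for common malware indicators.

Added example for this page, not any vendor's detection engine. The
indicator patterns below are assumptions about what a triage tool would
check; they are signals for an analyst, not proof of malice.
"""
import base64
import json
import re
import tarfile

# Hooks that run automatically on `npm install` (the usual dropper entry point).
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Classic obfuscation/dropper markers. Each is weak alone; together they add up.
PATTERNS = {
    "eval_or_function": re.compile(r"\b(eval|new\s+Function)\s*\("),
    "hex_escaped_string": re.compile(r"(\\x[0-9a-fA-F]{2}){8,}"),
    "base64_blob": re.compile(r"[A-Za-z0-9+/]{120,}={0,2}"),
    "child_process": re.compile(r"require\(\s*['\"]child_process['\"]\s*\)"),
    "buffer_from_base64": re.compile(r"Buffer\.from\([^)]*['\"]base64['\"]"),
}


def load_tarball(path: str) -> dict[str, str]:
    """Read an npm .tgz (as produced by `npm pack`) into a path -> text dict."""
    files = {}
    with tarfile.open(path, "r:gz") as tf:
        for member in tf.getmembers():
            if member.isfile():
                files[member.name] = tf.extractfile(member).read().decode("utf-8", "replace")
    return files


def triage_package(files: dict[str, str]) -> dict:
    """Return install hooks, obfuscation indicators (per file), and whether an
    install hook points at an existing but empty script ("empty payload").
    'score' is the number of distinct indicators plus the number of hooks."""
    findings = {"hooks": {}, "indicators": {}, "empty_payload": False}
    pkg = json.loads(files.get("package/package.json", "{}"))
    scripts = pkg.get("scripts", {})
    for hook in LIFECYCLE_HOOKS:
        if hook in scripts:
            findings["hooks"][hook] = scripts[hook]
    for path, text in files.items():
        if not path.endswith((".js", ".cjs", ".mjs")):
            continue
        for name, rx in PATTERNS.items():
            if rx.search(text):
                findings["indicators"].setdefault(name, []).append(path)
    # Empty payload: the hook runs a file that ships empty now and can be
    # filled in by a later version, so the hook itself is the finding.
    for cmd in findings["hooks"].values():
        m = re.search(r"node\s+(\S+)", cmd)
        if m:
            target = "package/" + m.group(1)
            if target in files and not files[target].strip():
                findings["empty_payload"] = True
    findings["score"] = len(findings["indicators"]) + len(findings["hooks"])
    return findings


# Constructed sample 1: postinstall hook that decodes a base64 blob and evals it.
SAMPLE_FILES = {
    "package/package.json": json.dumps({
        "name": "example-messenger-api",  # constructed name, not a real package
        "version": "1.0.3",
        "scripts": {"postinstall": "node lib/setup.js"},
    }),
    "package/index.js": "module.exports = function send(msg) { return msg; };\n",
    "package/lib/setup.js": (
        "const cp = require('child_process');\n"
        "const p = Buffer.from('" + base64.b64encode(b"x" * 100).decode() + "', 'base64');\n"
        "eval(p.toString());\n"
    ),
}

# Constructed sample 2: hook wired to a staged file that is still empty.
EMPTY_SAMPLE = {
    "package/package.json": json.dumps({
        "name": "example-staged",  # constructed name
        "version": "0.0.1",
        "scripts": {"postinstall": "node lib/stage.js"},
    }),
    "package/index.js": "module.exports = {};\n",
    "package/lib/stage.js": "",
}

if __name__ == "__main__":
    for label, files in (("obfuscated", SAMPLE_FILES), ("empty-payload", EMPTY_SAMPLE)):
        print(label, json.dumps(triage_package(files), indent=2))
```

To triage a real package, run `npm pack <name>` and pass the resulting .tgz to `load_tarball`, then `triage_package`. The second sample is why the empty-payload rule exists: a package whose hook points at a blank file has no obfuscation to match, so a scanner that only looks for eval and base64 would score it clean, while the hook itself is the thing to watch across later versions.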