%term

A Deep Dive into Strela Stealer and how it Targets European Countries

Mar 6, 2025 By Dawid Nesterowicz In Trustwave

Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target a narrow data set on systems located in chosen geographic locations. The Strela Stealer (rus. Cтрела, lit. 'Arrow') is an infostealer that exfiltrates email log-in credentials and has been in the wild since late 2022.

Read Post

Trustwave

Read more about A Deep Dive into Strela Stealer and how it Targets European Countries

CTI Roundup: Auto-Color Malware, Vulnerable Windows Driver, and Lotus Blossom

Mar 5, 2025 By Tanium In Tanium

Auto-color Linux malware grants full remote access, attackers exploit Truesight.sys in new malware campaign, and Lotus Blossom threatens multiple industries.

Read Post

Tanium

Read more about CTI Roundup: Auto-Color Malware, Vulnerable Windows Driver, and Lotus Blossom

Trouble Brewing: Dissecting a fake homebrew update that stole user data

Mar 5, 2025 By Oliver Simonnet In CultureAI

A few weeks ago, a malware campaign that leveraged Google Ads to promote a fake Homebrew website caught my attention. It tricked users into running an installer command that downloaded and executed a malicious binary resulting in an info stealer being introduced to the user’s machine.

Read Post

CultureAI

Read more about Trouble Brewing: Dissecting a fake homebrew update that stole user data

Cactus Ransomware: What You Need To Know

Mar 5, 2025 By Graham Cluley In Tripwire

Cactus is a ransomware-as-a-service (RaaS) group that encrypts victim's data and demands a ransom for a decryption key. Hundreds of organisations have found themselves the victim of Cactus since it was first discovered in March 2023, with their stolen data published on the dark web as an "incentive" to give in to the extortionists' demands.

Read Post

Tripwire

Read more about Cactus Ransomware: What You Need To Know

February 2025 Cybersecurity Consulting Updates and Ransomware Activity

Mar 5, 2025 By Bindu Sundaresan In LevelBlue

Each month, we break down critical cybersecurity developments, equipping security professionals with actionable intelligence to strengthen defenses. Beyond threat awareness, this blog also provides insights into incident readiness and response, drawing from real-world experiences in consulting cybersecurity services. Learn how organizations can proactively prepare for cyber incidents, mitigate risks, and enhance their resilience against evolving attack vectors.

Read Post

LevelBlue

Read more about February 2025 Cybersecurity Consulting Updates and Ransomware Activity

People and Process Drive Technology: Modern Ways to Bridge IT Ops and Security

Mar 4, 2025 By Rubrik In Rubrik

In this episode of Into the Breach, James Purvis and Mike Schmidt tackle the evolving relationship between IT Ops and IT Security. They discuss how eliminating silos, adopting a people-and-process-driven approach, and embracing platformization can bridge the gap between these traditionally separate teams. Learn how modern organizations are shifting from best-of-breed solutions to integrated platforms to improve collaboration, streamline workflows, and achieve faster, more effective outcomes as cloud adoption skyrockets.

View Video

Rubrik

Read more about People and Process Drive Technology: Modern Ways to Bridge IT Ops and Security

The Rise of Perfect Clones: The Darcula Phishkit and How to Stop It

Mar 3, 2025 By Arthur Zavalkovsky In Memcyco

It’s no secret that phishing has always relied on deception. Scam-targeted enterprises the world over warn their customers of the social engineering tactics and brand impersonation designed to trick them into handing over credentials. Besides email-based phishing, social media has become a hotbed for phishing attacks, with scammers using fake ads, impersonated accounts, and fraudulent messages to lure users.

Read Post

Memcyco

Read more about The Rise of Perfect Clones: The Darcula Phishkit and How to Stop It

Never Let a Good Crisis Go to Waste - CISO's Powerful Take on Security Improvement

Mar 3, 2025 By Rubrik In Rubrik

Amy Bogac, CISO at Elevate Textiles, shares her candid approach to cybersecurity program management. She emphasizes the importance of distinguishing between immediate fixes and long-term improvements after security incidents. Key insights: Set clear boundaries between incident resolution and continuous improvement Use security incidents as leverage for necessary program investments Learn from every crisis to strengthen your security posture Distinguish between short-term fixes and long-term strategic improvements.

View Video

Rubrik

Read more about Never Let a Good Crisis Go to Waste - CISO's Powerful Take on Security Improvement

Modern Storage Meets Cyber Resilience: The Rubrik and Pure Storage Solution Architecture for Unstructured Data

Mar 3, 2025 By Kanika Thapar In Rubrik

Additional contributor: Dan Kogan, VP of Enterprise Growth and Solutions at Pure Storage Rubrik and Pure Storage have partnered to deliver a reference architecture solution that enables organizations to unify, manage, and secure unstructured data at scale. According to projections from UBS, data volumes will reach as much as 660 zettabytes—or 129GB per person on Earth—by 2030.

Read Post

Rubrik

Read more about Modern Storage Meets Cyber Resilience: The Rubrik and Pure Storage Solution Architecture for Unstructured Data

VGod Ransomware Analysis: Golang-Based Threat with ChaCha8 and AES Encryption, Persistence, and Mitigation

Mar 2, 2025 By Foresiet In Foresiet

Ransomware remains one of the most pressing cybersecurity threats, affecting individuals and organizations worldwide. Among the latest ransomware strains making headlines is VGOD ransomware, known for its advanced encryption techniques and aggressive attack methods. In this blog, we will explore the workings of VGOD ransomware, recent incidents, and the critical lessons organizations must learn to protect against such threats.

Read Post