Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Splunk Threat Research Team has identified a campaign targeting ISP infrastructure providers on the West Coast of the United States and the country of China. This mass exploitation campaign originates from Eastern Europe and uses simple tools that abuse victim’s computer processing power to install cryptomining payloads and binaries with diverse functions such as.

Cyjax monitors and analyses the initial access broker (IAB) market on the most prominent cybercriminal forums. As noted in Cyjax’s 2024 IAB market in review, it is almost certain that extortion groups, APTs, data brokers, and other threat groups use IABs to gain initial access to targeted networks. Though at first glance it is not immediately obvious how important the IAB market is to the threat landscape, Cyjax has conducted a deep analysis of public IAB listings and extortion group DLSs.

On 11 February 2025, a Telegram user called ExploitWhispers shared a ZIP file to a Russian-language Telegram channel. The user claimed that this file contained the internal Matrix chat logs of the BlackBasta ransomware group and was captured between 18 September 2023 and 28 September 2024. The user also shared information about some of the BlackBasta members, including one of the operation’s admins, the group’s administrator, and leader Oleg Nefedov.

“It takes 18 days on average for organizations to recover from a ransomware attack” – IBM Cost of a Data Breach Report 2024. The clock starts ticking as soon as ransomware hits your network. Attackers no longer rely solely on opportunistic phishing; they now attack weak network defenses, move laterally across systems, and encrypt important data before demanding a ransom. Traditional security solutions sometimes notice breaches too late to adequately detect threats.

We are often asked how Rubrik Security Cloud differs from AWS Backup. It's a valid question because, at first glance, the two solutions seem similar. Both have cloud-first, API-driven architectures. Both are built specifically to ensure reliable backup and recovery for data stored across AWS. Both support a wide range of the most popular AWS workloads including EC2, EBS, S3, RDS and EKS.

At Rubrik, we rely on a multi-tenant architecture to store customer metadata in a large fleet of Cloud SQL database instances. With numerous production deployments globally, each supporting multiple customer accounts, maintaining high availability, performance, and robustness across this infrastructure is critical. Managing a large fleet of Cloud SQL instances and ensuring they remain resilient and performant has been a journey filled with valuable lessons.