“On several occasions, the group assigned additional roles to compromised users, including the Exchange Administrator role,” according to ReliaQuest. “This role was used to monitor the inboxes of high-profile employees, enabling the attackers to stay ahead of the security team and maintain their control over the environment.” Ensuing battle over IT resources Despite the stealth...Read More
The Qilin ransomware organization is now the most prominent threat actor in the changing cybercriminal scene, following an unprecedented spike in ransomware activity in June 2025. Qilin’s strategic pivot toward high-value targets and aggressive recruitment of former RansomHub affiliates have allowed the group to outpace other ransomware-as-a-service (RaaS) operators. This surge in activity has coincided...Read More
The cybersecurity landscape witnessed a dramatic shift in June 2025 as the Qilin ransomware group emerged as the dominant threat actor, orchestrating an unprecedented surge in high-value targeted attacks across multiple sectors and geographical regions. This escalation represents a fundamental transformation in ransomware operations, moving beyond traditional financial motivations to encompass strategic and political objectives...Read More
High-profile attacks on Ingram Micro, Marks and Spencer (M&S) and the Co-op have reminded the channel of the need to encourage customers to protect themselves against ransomware. The past few days have seen Ingram recovering from a ransomware attack that hit the distributor late last week, and the chairman of M&S sharing the impact...Read More
‘This [attack] confirms above anything else that every client of every size needs to be vigilant. I’m not saying Ingram wasn’t, but this is why we do what we do for our clients,’ says Mark Essayian, president of KME Systems. Ingram Micro has restored all business operations around the globe after it suffered a ransomware...Read More
A hitherto unknown ransomware gang called SafePay quickly rose to prominence in the first quarter of 2025, becoming one of the most active and dangerous operators in the global cyber threat environment. With over 200 documented victims, including managed service providers (MSPs) and small-to-midsize businesses (SMBs) across various sectors, SafePay’s campaign has become a major...Read More
The US reportedly suspects a Russian professional basketball player has ties to a ransomware gang, going as far to request his arrest. Last month, police in France arrested 26-year-old Daniil Kasatkin at the Paris airport on allegations he’s been working with a ransomware gang, according to the media outlets Agence France-Presse and Le Monde. The...Read More
The US reportedly suspects a Russian professional basketball player has ties to a ransomware gang, going as far to request his arrest. Last month, police in France arrested 26-year-old Daniil Kasatkin at the Paris airport on allegations he’s been working with a ransomware gang, according to the media outlets Agence France-Presse and Le Monde. The...Read More
Authorities in Europe have detained five people, including a former Russian professional basketball player, in connection with crime syndicates responsible for ransomware attacks. Until recently, one of the suspects, Daniil Kasatkin, played for MBA Moscow, a basketball team that’s part of the VTB United League, which includes teams from Russia and other Eastern European countries....Read More
