[ad_1] The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before being taken down last month. Homeland Security Investigations (HSI), DHS’s main investigative arm, which took down the group’s infrastructure in cooperation with international law enforcement partners, added that the cybercriminals also collected over...Read More
[ad_1] SonicWall dismisses zero-day fears after Ransomware probe Pierluigi Paganini August 08, 2025 SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any new vulnerability in its products. SonicWall launched...Read More
[ad_1] A May 2025 attack on a financial institution in Asia saw the Fog ransomware deployed, alongside an unusual toolset, including some dual-use and open-source pentesting tools we have not observed being used in ransomware attacks previously. The attackers used a legitimate employee monitoring software called Syteca (formerly Ekran), which is highly unusual and not...Read More
[ad_1] Ransomware attacks are rising quickly in the US Hackers are focusing on data exfiltration Oil and gas is growing increasingly popular among threat actors The US is now the ransomware capital of the world. The majority of the attacks are targeting US organizations, and in the last year, the number of attacks has dramatically...Read More
[ad_1] New research from Secureframe has identified the five most significant emerging cyber threats for 2025, focusing on the risks posed to critical sectors including healthcare, infrastructure, and small and medium-sized businesses. The report by Secureframe analyses recent high-profile breaches along with global threat trends and highlights an environment increasingly shaped by AI-driven attacks, organised...Read More
[ad_1] SonicWall said late Wednesday that a wave of attacks targeting SonicWall 7 customers since July involved a previously disclosed improper access-control vulnerability and not a zero-day flaw. The company said the hacks — which have involved ransomware — were associated with the vulnerability CVE-2024-40766, which can lead to firewall crashes. Affected customers were using legacy...Read More
[ad_1] Akira ransomware gang observed using exploiting CPU driver to disable security software Hackers caught using Bring Your Own Vulnerable Driver attack to exploit SonicWall firewall devices. Analysts at multiple cyber security firms recently warned of affiliates of the Akira ransomware gang targeting an unknown vulnerability in SonicWall Gen 7 Firewalls, but now we know...Read More
[ad_1] Attackers wielding the Akira ransomware and possibly a zero-day exploit have been spotted targeting SonicWall firewalls since July 15, 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf researchers have warned. Though they haven’t yet ruled out...Read More
[ad_1] Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. Security researchers at Palo Alto Networks’ Unit 42 have discovered a 4L4MD4R ransomware variant, based on open-source Mauri870 code, while analyzing incidents involving...Read More
