Windows users should think about reinforcing their antivirus software. And while Microsoft Defender should provide a line of defense against ransomware, a new report claims that hackers have found a way to get around the ransomware tool to infect PCs with ransomware. A GuidePoint Security report (via BleepingComputer) found that hackers are using Akira ransomware...
As ransomware attacks evolve from encrypting data to stealing it, a zero-trust framework becomes increasingly critical. This approach replaces traditional security models with a “never trust, always verify” posture that treats every access request as a potential threat. Zscaler Cloud implements its zero-trust framework by replacing outdated perimeter defenses with identity- and context-based access controls. These...
A financially motivated threat actor has been involved in a cluster of activity linked to the ToolShell vulnerability in Microsoft SharePoint, researchers at Palo Alto Networks Unit 42 said Tuesday. The threat actor has developed a custom tool set that includes ransomware, deployment of a malicious backdoor called AK47C2, and loaders. Microsoft in July said...
The thing about security conferences like Black Hat, which took Las Vegas by storm this week, is that you end up seeing some nuanced, technical things that seem like they don’t matter but actually do, and then you see other things that are just terrifying beyond belief. Thankfully, the PCMag security team was there to...
The North Korean state-backed hacker group tracked as ScarCruft recently took the unusual step of infecting targets with ransomware alongside other malicious files, researchers said. ScarCruft, primarily known for cyber-espionage campaigns against high-profile individuals and government entities, used “newly observed” ransomware as part of the operation, analysts at South Korean cybersecurity firm S2W said in...
Federal law enforcement agencies have successfully dismantled the critical infrastructure of BlackSuit ransomware, a sophisticated cybercriminal operation that has compromised over 450 victims across the United States since 2022 and collected more than $370 million in ransom payments. Major International Operation Targets Cyber Criminal Network: ICE’s Homeland Security Investigations (HSI) led the coordinated takedown in...
Cyble, a vendor in the threat intelligence and cybercrime monitoring space, has released its Global Threat Landscape Report: H1 2025, revealing a sharp rise in ransomware and supply chain attacks across the world—with India emerging as one of the most targeted nations in the APAC region. The report also highlights a dangerous consolidation of capabilities...
The U.S. Department of Homeland Security (DHS) says the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before being taken down last month. Homeland Security Investigations (HSI), DHS’s main investigative arm, which took down the group’s infrastructure in cooperation with international law enforcement partners, added that the cybercriminals also collected over $370...
SonicWall dismisses zero-day fears after Ransomware probe. Pierluigi Paganini, August 08, 2025. SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any new vulnerability in its products. SonicWall launched the...
A May 2025 attack on a financial institution in Asia saw the Fog ransomware deployed, alongside an unusual toolset, including some dual-use and open-source pentesting tools we have not observed being used in ransomware attacks previously. The attackers used a legitimate employee monitoring software called Syteca (formerly Ekran), which is highly unusual and not something...