Last, but not least, plan for these identity attacks and have a playbook for recovery. Ransomware and breaches will occur. In the past, merely restoring from a backup and rebuilding AD was enough of a process. Now, with identity being the key way attackers gain access, they will be looking for ways to keep persistent...
Forescout Technologies has released its 2025H1 Threat Review – analysing more than 23,000 vulnerabilities and 885 threat actors across 159 countries worldwide during the first half of 2025. The key findings show that ransomware attacks are averaging 20 incidents a day, zero-day exploits increased 46%, and attackers are increasingly targeting non-traditional equipment like Edge devices,...
Threat actors are embracing ClickFix, ransomware gangs are turning on each other – toppling even the leaders – and law enforcement is disrupting one infostealer after another (05 Aug 2025). “It’s all fun and games until someone gets hurt” could well be the title of the latest ESET Threat Report,...
West Texas Oral Facial Surgery: On May 29, 2025, West Texas Oral Facial Surgery was the victim of a data breach after a ransomware attack by the group INC RANSOM. The incident led to a network disruption and unauthorized access to sensitive files. The ransomware group INC RANSOM publicly claimed responsibility for the attack on...
Despite tens of millions in revenue, a $230,000 ransomware fee has seemingly taken out one of Germany’s leading insurance firms. As reported by Wa.de and Golem.de (via our friends at Tom’s Hardware), Einhaus Group was originally targeted back in 2023. Hacking group Royal reportedly told Einhaus Group founder Wilhelm Einhaus, “We’ve hacked you. All further...
Unit 42 researchers have identified significant overlaps between Microsoft’s reported ToolShell exploit chain targeting SharePoint vulnerabilities and a tracked activity cluster dubbed CL-CRI-1040. This cluster, active since at least March 2025, deploys a custom malware suite named Project AK47, comprising multi-protocol backdoors, ransomware, and DLL side-loading loaders. Microsoft’s analysis attributes the activity to Storm-2603, a...
A sophisticated Chinese threat actor has been exploiting critical vulnerabilities in Microsoft SharePoint to deploy an advanced malware toolset dubbed “Project AK47,” according to new research published by Palo Alto Networks Unit 42. The campaign, which has been active since at least March 2025, represents a significant escalation in attacks targeting enterprise SharePoint environments through...
Florida Hand Center, a specialized medical practice serving patients across Southwest Florida, experienced a major data breach. On July 8, 2025, a ransomware group known as RHYSIDA claimed responsibility for a cyberattack and posted on the dark web portal that it had successfully hacked the center’s systems and stolen sensitive data. It is believed the...
Understanding Ransomware: Ransomware attacks have grown into one of the most disruptive forms of cybercrime. These incidents typically begin when hackers gain access to an organization’s systems, encrypting data to block access and then demanding payment in exchange for its release. According to Mark Lance with GuidePoint Security, modern attacks often go further: “They’re also...
Protecting critical infrastructure from ransomware and advanced cyberattacks is proving to be challenging across all sectors in the United States. In fact, these cyberattacks are growing in sophistication and are employing stealth techniques against common detection capabilities to remain undetected. The emergence of ransomware-as-a-service (RaaS) creates an elaborate ecosystem for leasing out malware and malicious...