Conclusion and security recommendations The newly discovered Gunra ransomware Linux variant significantly broadens the ransomware group’s range for attacks, signifying its clear intent to adapt and expand beyond its original scope. This shift into the Linux environment is among the latest of this trend in the ransomware landscape: going cross-platform to widen and expand their...Read More
Results from the Semperis 2025 Global Ransomware Risk Report indicate that Singapore faces the highest global risk of regulatory extortion from cybercriminals. The report, based on a survey of nearly 1,500 organisations worldwide, highlights the prevalence and characteristics of recent ransomware attacks across various sectors and regions. According to the study, 61% of organisations based...Read More
Disappearance of significant RaaS groups Several prominent RaaS groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLIan, 8Base, Cactus, Hunters International, and Lockbit, stopped publishing new victims. Though the reasons for their disappearances vary, the net effect is a fragmented ransomware ecosystem no longer dominated by one or two major players. Decline in publicly posted victims Q2 2025...Read More
Ransomware remains one of the most persistent threats facing enterprises and public sector organizations. The latest research from ThreatLabz confirms that attacks are not only increasing in volume, but also shifting toward more targeted, data-driven extortion tactics. The newly released Zscaler ThreatLabz 2025 Ransomware Report examines year-over-year spikes in ransomware activity blocked by the Zscaler...Read More
New data from Zscaler shows that manufacturing, technology, and healthcare remain the most frequently targeted sectors, representing high-stakes environments that are ripe for extortion and leverage, where disruption can yield maximum leverage for attackers. Meanwhile, ransomware attacks on the oil and gas industry surged 935.3% year-over-year, likely fueled by a growing reliance on automation across...Read More
Cybersecurity Ventures projects ransomware costs could top $265 billion a year by 2031, while total cybercrime damages may hit $10.5 trillion globally this year. Artificial intelligence (AI) has become one of the most potent force multipliers the criminal underground has ever seen. Generative models that write immaculate prose, mimic voices, and chain exploits together have lowered the cost of sophisticated...Read More
A recent wave of ransomware attacks targeting SonicWall firewall devices may be related to a zero-day vulnerability in the products, according to researchers. Anomalous firewall activity that began on July 15 and involved VPN access through SonicWall SSL VPNs morphed into intrusions the following week, researchers at Arctic Wolf said. “This appears to be affecting...Read More
Operators of LockBit ransomware have improved their tactics, methods, and procedures (TTPs) to avoid detection and increase damage in the always changing world of cyberthreats. By exploiting DLL sideloading and masquerading, these attackers disguise malicious activities within legitimate system processes, enabling persistence and seamless integration into compromised environments. DLL sideloading tricks trusted applications into loading...Read More
Good Samaritan Health Center On Nov. 4, 2024, Marietta-based Good Samaritan Health Center of Cobb, detected suspicious activity on its computer systems. The organization was able to secure its systems and engage a specialized third-party cybersecurity firm to investigate the situation. The forensic investigation revealed that an unauthorized actor had accessed and acquired certain data...Read More
The SafePay ransomware organization has quickly become a powerful operator since its initial detection in September 2024, marking a startling increase in the cyber threat scenario. Unlike predominant ransomware-as-a-service (RaaS) models that rely on affiliates for dissemination and profit-sharing, SafePay operates autonomously, with its core developers directly orchestrating intrusions and extortion campaigns. This self-contained approach...Read More
