BleepingComputer reports that the LockBit ransomware operation has been impacted by a data breach resulting in the defacement of its admin panels to include a message with a link redirecting to an archive file, which threat actor Rey noted to have an SQL file from its affiliate panel’s MySQL database. Additional analysis of the exposed...Read More

WASHINGTON — The DHS Cyber Crimes Center and Homeland Security Investigations (HSI) Detroit’s Columbus sub-office participated in the 4th International Cyber Offender Prevention Cybercrime Prevention Forum, held Nov. 19-21 at EUROPOL in The Hague, the Netherlands. The event gathered experts from law enforcement agencies across 37 countries to share knowledge, develop joint cybercrime interventions, and...Read More

A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells through the vulnerable /developmentserver/metadatauploader endpoint. Exploitation has been observed primarily targeting manufacturing environments, where compromised...Read More

Ransomware-as-a-Service (RaaS) has solidified its position as the dominant framework driving ransomware attacks in 2024, according to the latest insights from Kaspersky ahead of International Anti-Ransomware Day on May 12. Kaspersky Security Network data reveals an 18% drop in ransomware detections from 5,715,892 in 2023 to 4,668,229 in 2024, yet the share of affected users...Read More

Update (1/6/2025): The UN General Assembly on Dec. 24, 2024, adopted the UN Cybercrime Treaty without a vote. The treaty will open for signature at a formal ceremony to be hosted in Hanoi, Viet Nam, in 2025. It will enter into force 90 days after being ratified by the 40th signatory. Most UN Member States,...Read More

Serge-Olivier Paquette, the Chief Product Officer at Flare, identifies some of the most significant blind spots in today’s cybersecurity workforce and explains how attackers are exploiting them. This article originally appeared in Insight Jam, an enterprise IT community that enables human conversation on AI. Downloading Roblox on a work laptop might seem innocent—until it isn’t. A...Read More

Victim negotiations and internal data leaked in major breach The notorious LockBit ransomware gang has fallen victim to a serious data breach, exposing sensitive information from its operations and internal infrastructure. The breach, which has defaced the group’s dark web affiliate panels, includes the leak of a MySQL database dump containing critical records related to...Read More

Patched Windows zero-day vulnerability (CVE-2025-29824) in the Common Log File System (CLFS) driver was exploited in attacks linked to the Play ransomware operation prior to its disclosure on April 8, 2025. The flaw, which enabled privilege escalation via a use-after-free condition in the clfs.sys kernel driver, was weaponized by Balloonfly, the cybercrime group behind Play...Read More

The cyber threat intelligence industry is strongly rooted in a military-government mindset in large part because so many people doing the work in private industry came from the national security space. These people bring with them the mission and objectives learned in the public sector. This can result in biasing espionage and spying over the...Read More

LockBit has suffered a data breach following panel defacement. (Photo: Tero Vesalainen/ Shutterstock) LockBit, a ransomware group known for numerous cyberattacks, has encountered a data breach following the defacement of its dark web affiliate panels. These panels now display a message stating, “Don’t do crime CRIME IS BAD xoxo from Prague,” along with a link...Read More