A recent incident response investigation from THE DFIR report has revealed the sophisticated tactics employed by RansomHub ransomware operators in a coordinated attack campaign that compromised an entire corporate network through an exposed Remote Desktop Protocol (RDP) server. The attack, which occurred in November 2024, demonstrates the evolving threat landscape facing organizations with remote access...Read More
On-Demand webinar from Rubrik June 23, 2025 In this OnDemand webinar, we delve into the critical lessons learned from the latest ransomware threat targeting Amazon S3 buckets. We examined how this sophisticated threat actor leveraged vulnerabilities in cloud environments, highlighting the limitations of relying solely on S3 replication for data protection, and how...Read More
Matthias Bastian Matthias is the co-founder and publisher of THE DECODER, exploring how AI is fundamentally changing the relationship between humans and computers. Cybercriminals are upgrading WormGPT with stronger AI models. The original WormGPT, which launched in June 2023, used the open source GPT-J model to create a censorship-free LLM for cybercrime. Now, Cato CTRL...Read More
June 18, 2025 3:00 AM EDT | Source: Quantum eMotion Corp. Montreal, Quebec–(Newsfile Corp. – June 18, 2025) – Quantum eMotion Corp. (TSXV: QNC) (OTCQB: QNCCF) (FSE: 34Q0) (“QeM” or the “Company”) is pleased to announce that its partner, Greybox Solutions, has begun deploying its secure digital health platform, TakeCareTM, across leading rehabilitation centers...Read More
Cybersecurity researchers have uncovered the alleged sale of a sophisticated Malware-as-a-Service (MaaS) botnet that combines legitimate development frameworks with cutting-edge evasion techniques. The threat actor is reportedly offering the complete source code of a botnet that leverages Node.js runtime, blockchain-based command and control infrastructure, and modern web technologies to create a highly resilient and scalable...Read More
A formidable new strain of ransomware, dubbed Lyrix, has recently surfaced, posing a significant threat to Windows users worldwide. Cybersecurity researchers have identified Lyrix as a highly advanced malicious software designed to encrypt critical files and demand substantial ransoms for decryption keys. New Threat Emerges with Sophisticated Tactics Unlike typical ransomware, Lyrix incorporates cutting-edge evasion...Read More
Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety within the cybercriminal underworld for its advanced cross-platform capabilities and aggressive double extortion model. VanHelsing targets a wide array of...Read More
Cybersecurity experts have successfully emulated the behaviors of VanHelsing, a sophisticated ransomware-as-a-service (RaaS) operation that emerged in March 2025 and has rapidly gained notoriety in cybercriminal circles. The ransomware employs a double extortion model, encrypting victims’ files with the Curve25519 and ChaCha20 algorithms while simultaneously exfiltrating sensitive data and threatening public disclosure if ransom demands...Read More
The cyber threat intelligence industry is strongly rooted in a military-government mindset in large part because so many people doing the work in private industry came from the national security space. These people bring with them the mission and objectives learned in the public sector. This can result in biasing espionage and spying over the...Read More
