EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
Mar 06, 2025 | Ravie Lakshmanan | Malware / Ransomware
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working...
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers
Mar 04, 2025 | Ravie Lakshmanan | Network Security / Ransomware
Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign...
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Mar 04, 2025 | Ravie Lakshmanan | Cybercrime / Threat Intelligence
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining...
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.
After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of...
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Mar 03, 2025 | Ravie Lakshmanan | Ransomware / Vulnerability
Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary...
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It's like having your office computer with...
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
Feb 26, 2025 | Ravie Lakshmanan | Network Security / Threat Intelligence
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as...
Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts
More than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into...
5 Active Malware Campaigns in Q1 2025
The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods.
Below is an overview of...
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense
Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs...
















