Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
Feb 07, 2025 | Ravie Lakshmanan | Vulnerability / Threat Intelligence
Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what...
Top 3 Ransomware Threats Active in 2025
You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen:...
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Feb 06, 2025 | Ravie Lakshmanan | Cybercrime / Ransomware
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the...
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims...
What Is Attack Surface Management?
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike. With...
How Interlock Ransomware Infects Healthcare Organizations
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and...
Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations
Jan 28, 2025 | Ravie Lakshmanan | Ransomware / Threat Intelligence
Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to...
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware
Jan 23, 2025 | Ravie Lakshmanan | Cloud Security / Cryptojacking
Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and...
QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features
Jan 23, 2025 | Ravie Lakshmanan | Malware / Threat Intelligence
Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot...
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads
Jan 23, 2025 | Ravie Lakshmanan | Threat Intelligence / Data Breach
An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code...