TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats

Modern ransomware exhibits polymorphic and evasive behaviors by frequently modifying execution patterns to evade detection. This dynamic nature disrupts feature spaces and limits the effectiveness of static or predefined models. To address this challenge, we propose TL-RL-FusionNet, a reinforceme...

Explainable Attention-Based LSTM Framework for Early Detection of AI-Assisted Ransomware Via File System Behavioral Analysis

Ransomware continues to evolve as one of the most disruptive cyber threats, with recent variants increasingly leveraging automated and AI-assisted techniques to evade traditional signature-based defenses. Early detection of such attacks remains a significant challenge, particularly when malicious...

Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning-Based Ransomware Detection

Ransomware detection systems increasingly rely on behavior-based machine learning to address evolving attack strategies. However, emerging privacy compliance, data governance, and responsible AI deployment demand not only accurate detection but also the ability to efficiently remove the influence...

RansomTrack: A Hybrid Behavioral Analysis Framework for Ransomware Detection

Ransomware poses a serious and fast-acting threat to critical systems, often encrypting files within seconds of execution. Research indicates that ransomware is the most reported cybercrime in terms of financial damage, highlighting the urgent need for early-stage detection before encryption is...

Automating Cloud Security and Forensics through a Secure-By-Design Generative AI Framework

As cloud environments become increasingly complex, cybersecurity and forensic investigations must evolve to meet emerging threats. Large Language Models LLMs have shown promise in automating log analysis and reasoning tasks, yet they remain vulnerable to prompt injection attacks and lack forensic...

An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases

In 2025, a total of 134 ransomware incidents were reported in Japan, marking a 17.5% increase compared to 2024. Among these, 22 incidents were attributed to Qilin, representing 16.4% of the total. In 2025, Qilin ransomware was highly active. Looking ahead to 2026, unless there is significant...

Malware and Ransomware Detection in M365

Availability Requirement Threat Detection is available to Veeam Data Cloud for Microsoft 365 customers with Premium or Advanced plans. Customers must opt in to AI settings to enable this feature. Contact your Veeam account team or see your plan details to confirm availability. Supported Workloads...

BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities

RISK EVALUATION BullWall Ransomware Containment and Server Intrusion Protection are products used for ransomware containment. Multiple vulnerabilities were reported that when used individually or in conjunction could allow a remote attacker with valid credentials to log in to a system with...

Interpretable Ransomware Detection Using Hybrid Large Language Models: A Comparative Analysis of BERT, RoBERTa, and DeBERTa through LIME and SHAP

Ransomware continues to evolve in complexity, making early and explainable detection a critical requirement for modern cybersecurity systems. This study presents a comparative analysis of three Transformer-based Large Language Models LLMs BERT, RoBERTa, and DeBERTa for ransomware detection using...

Federated Cyber Defense: Privacy-Preserving Ransomware Detection across Distributed Systems

Detecting malware, especially ransomware, is essential to securing today's interconnected ecosystems, including cloud storage, enterprise file-sharing, and database services. Training high-performing artificial intelligence AI detectors requires diverse datasets, which are often distributed acros...

Cloud Investigation Automation Framework (CIAF): An AI-Driven Approach to Cloud Forensics

Large Language Models LLMs have gained prominence in domains including cloud security and forensics. Yet cloud forensic investigations still rely on manual analysis, making them time-consuming and error-prone. LLMs can mimic human reasoning, offering a pathway to automating cloud log analysis. To...

Qualys Achieves 100% Major Step Detection in the 2024 MITRE ATT&CK Evaluations, Enterprise

How Qualys Transformed from Risk Leader to EDR Powerhouse In today’s rapidly evolving threat landscape, ransomware continues to dominate as one of the most significant cybersecurity challenges. To help organizations evaluate their defenses against these sophisticated threats, the MITRE ATT&CK...

Stopping a targeted attack on a Managed Service Provider (MSP) with ThreatDown MDR

In late January 2024, the ThreatDown Managed Detection and Response MDR team found and stopped a three-month long malware campaign against a Managed Service Provider MSP based in Europe. In line with our observations of attackers increasingly relying on legitimate software in their attacks, the...

A week in security (October 10 - 16)

Last week on Malwarebytes Labs: Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21 White House unveils Blueprint for an AI Bill of Rights Credential stuffers take aim at Final Fantasy XIV players Meta accuses apps of stealing WhatsApp accounts Smart lights...

Top 5 ransomware detection techniques: Pros and cons of each

In the fight against ransomware, much of the discussion revolves around prevention and response. Actually detecting the ransomware, however, is just as important to securing your business. To understand why, just consider the following example. Lets say youre a farmer taking care of a flock of...

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection for metadata, virtual environments, and other environmental data. A security vulnerabili...

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology TDT...

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology TDT...

Securing the modern workplace with Microsoft 365 threat protection – part 4

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Responding to ransomware in the Modern Workplace Over the last few weeks, we have shared the roots of Microsoft 365 threat protection and how Microsoft 365 threat protection helps protect against and...

Securing the modern workplace with Microsoft 365 threat protection – part 3

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Detecting ransomware in the modern workplace Over the last two weeks, we have shared with you the roots of Microsoft 365 threat protection and how Microsoft 365 threat protect helps protect the modern...