Lucene search
K

6521 matches found

Talos Blog
Talos Blog
added 2026/03/31 10:0 a.m.6 views

Ransomware in 2025: Blending in is the strategy

Ransomware attacks aren't smash-and-grab anymore. They're built on access that already looks legitimate -- closer to positioning chess pieces than breaking the door down. That's the big trend that comes through in the ransomware data from the Talos 2025 Year in Review. Once attackers have initial...

6AI score
Exploits0
Veeam
Veeam
added 2026/03/31 12:0 a.m.15 views

Malware and Ransomware Detection in M365

Availability Requirement Threat Detection is available to Veeam Data Cloud for Microsoft 365 customers with Premium or Advanced plans. Customers must opt in to AI settings to enable this feature. Contact your Veeam account team or see your plan details to confirm availability. Supported Workloads...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.3 views

Design Principles for the Construction of a Benchmark Evaluating Security Operation Capabilities of Multi-Agent AI Systems

As Large Language Models LLMs and multi-agent AI systems are demonstrating increasing potential in cybersecurity operations, organizations, policymakers, model providers, and researchers in the AI and cybersecurity communities are interested in quantifying the capabilities of such AI systems to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.13 views

Safeguarding LLMs against Misuse and AI-Driven Malware Using Steganographic Canaries

AI-powered malware increasingly exploits cloud-hosted generative-AI services and large language models LLMs as analysis engines for reconnaissance and code generation. Simultaneously, enterprise uploads expose sensitive documents to third-party AI vendors. Both threats converge at the AI service...

6AI score
Exploits0
HackRead
HackRead
added 2026/03/27 3:43 p.m.9 views

BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks

Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/27 10:4 a.m.4 views

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy also known as...

5.9AI score
Exploits0
Talos Blog
Talos Blog
added 2026/03/26 12:48 p.m.3 views

Talos Takes: 2025 insights from Talos and Splunk

In this episode of Talos Takes, Amy is joined by William Largent Cisco Talos and Lou Stella Splunk for a "double-header" discussion. With the recent release of the Cisco Talos 2025 Year in Review and the Splunk Top 50 Cybersecurity Threats report, we're breaking down the most critical trends that...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/25 11:52 a.m.7 views

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

The U.S. Department of Justice DoJ said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/24 6:49 a.m.6 views

U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage

A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years 81 months in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Departme...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/23 4:0 p.m.7 views

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

In this article 1. The growing threat: GPO abuse in ransomware operations 2. The incident 3. The results 4. The hardening dilemma: Why threat actors love operational mechanisms 5. Predictive shielding: Contextual, just-in-time hardening 6. Closing the gap 7. References Summary Microsoft Defender...

6.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/23 4:0 p.m.14 views

Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

In this article 1. The growing threat: GPO abuse in ransomware operations 2. The incident 3. The results 4. The hardening dilemma: Why threat actors love operational mechanisms 5. Predictive shielding: Contextual, just-in-time hardening 6. Closing the gap 7. References Summary Microsoft Defender...

6.2AI score
Exploits0
Talos Blog
Talos Blog
added 2026/03/23 12:55 p.m.4 views

Beers with Talos breaks down the 2025 Talos Year in Review

The Beers with Talos B team that's Hazel, Bill, Joe and Dave break down sometimes in the literal sense the 2025 Talos Year in Review which is available now. The team dives into the biggest cybersecurity trends of the year, including: The rapid weaponization of new vulnerabilities Why identity abu...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/19 6:52 p.m.7 views

54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security

A new analysis of endpoint detection and response EDR killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver BYOVD by abusing a total of 35 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusions as they offer a way...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/19 2:25 p.m.11 views

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at once. Just a lot of small things that shouldn’t work anymore but still do. Some of it looks simple, almost sloppy, until you see how well it lands. Other bits fe...

9.8CVSS6.7AI score0.99999EPSS
Exploits42
Talos Blog
Talos Blog
added 2026/03/19 10:0 a.m.4 views

Everyday tools, extraordinary crimes: the ransomware exfiltration playbook

Data exfiltration activity increasingly leverages legitimate native utilities, commonly deployed third-party tools, and cloud service clients, reducing the effectiveness of static indicators of compromise IOCs and tool-based blocking strategies. The Exfiltration Framework systematically normalize...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/19 6:5 a.m.9 views

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite ZCS and Microsoft Office SharePoint, stating they have been actively exploited in the wild. The vulnerabilities in...

10CVSS7.5AI score0.57793EPSS
Exploits14
Packet Storm News
Packet Storm News
added 2026/03/19 12:0 a.m.3 views

On the Effectiveness of the UK NIS Regulations As a Mandatory Cybersecurity Reporting Regime

Existing cybersecurity literature lacks a source of empirical, representative data as to the true nature of cyberattacks on Critical National Infrastructure. We have obtained UK-wide data on incidents reported under the Network and Information Systems NIS Regulations in 2024 causing "a significan...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/18 4:0 p.m.10 views

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center FMC Software. The vulnerability in question is CVE-2026-20131 CVSS score: 10.0, a case of insecure...

10CVSS7.1AI score0.27551EPSS
Exploits4
Rapid7 Blog
Rapid7 Blog
added 2026/03/18 1:0 p.m.11 views

The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report

The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...

6.1AI score
Exploits0
Trellix
Trellix
added 2026/03/18 12:0 a.m.10 views

Dark Web Roast February 2026 Edition

Dark Web Roast - February 2026 Edition By Trellix Advanced Research Center · March 18, 2026 Executive Summary February 2026 delivered another stellar month in the ongoing theatre of the absurd that is the cybercriminal underground, where ransomware gangs bulk-scheduled their extortion like a...

9.8CVSS6.4AI score0.04307EPSS
Exploits1
Rows per page
Query Builder