Lucene search
K

27 matches found

Securelist
Securelist
•added last week•10 views

The Gentlemen are knocking: сustom backdoors and evolving tactics

Introduction This year saw the emergence of The Gentlemen, a prominent example of a group operating under the ransomware-as-a-service RaaS model. Although our initial assessment suggested the group first appeared in mid-2025, it actually started ramping up its activities at the beginning of 2026...

6AI score
Exploits0
Securelist
Securelist
•added 2026/05/12 7:0 a.m.•8 views

State of ransomware in 2026

With International Anti-Ransomware Day taking place on May 12, Kaspersky presents its annual report on the evolving global and regional ransomware cyberthreat landscape. Ransomware remains one of the most persistent and adaptive cyberthreats. In 2026: New families continue to emerge, adopting...

6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
•added 2026/03/18 1:0 p.m.•10 views

The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report

The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...

6.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
•added 2025/11/18 4:7 p.m.•10 views

The State of Security Today: Setting the Stage for 2026

As we close out 2025, one thing is clear: the security landscape is evolving faster than most organizations can keep up. From surging ransomware campaigns and AI-enhanced phishing to data extortion, geopolitical fallout, and gaps in cyber readiness, the challenges facing security teams today are ...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
•added 2025/10/07 1:0 p.m.•7 views

The Business of Cybercrime: Raj Samani on Access, Ransomware, and What Comes Next

Cybercrime is no longer chaotic, it’s commercial. That’s the central theme of Episode 3 in our Experts on Experts: Commanding Perspectives series, where Craig Adams sits down with Raj Samani, Chief Scientist at Rapid7, for a wide-ranging, no-nonsense conversation on today’s threat economy. They...

5.5AI score
Exploits0
The Hacker News
The Hacker News
•added 2025/07/15 3:21 p.m.•5 views

Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools

Cybersecurity researchers have shed light on a new ransomware-as-a-service RaaS operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was "promoted on the Ramp4u forum by the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
•added 2025/04/11 10:30 a.m.•15 views

Initial Access Brokers Shift Tactics, Selling More for Less

What are IABs? Initial Access Brokers IABs specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like soci...

7.2AI score
Exploits0
The Hacker News
The Hacker News
•added 2024/09/27 11:11 a.m.•16 views

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to...

8.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
•added 2024/03/21 10:0 p.m.•13 views

Why The External Attack Surface Matters: An analysis into APAC related threat activities

Co-authors are Robin Long and Raj Samani Considerable focus within the cybersecurity industry has been placed on the attack surface of organizations, giving rise to external attack surface management EASM technologies as a means to monitor said surface. It would appear a reasonable approach, on t...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2024/01/03 7:7 p.m.•10 views

Microsoft disables ms-appinstaller after malicious use

In what might be conceived as one of Microsoft’s new year resolutions, it has disclosed that its turned off the ms-appinstaller protocol handler by default. The change is designed to make installing apps easier, but it also makes installing malware easier. Typically, an app needs to be on a devic...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2023/12/19 11:22 p.m.•27 views

New MetaStealer malvertising campaigns

MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have become a very hot commodity in the criminal space, so much so that there is competition between various groups. Threat actors have primarily used malspam as an infection vector...

7.3AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/08/01 4:20 a.m.•46 views

Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan

Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware referred to as Ursnif aka Gozi. "It is a sophisticated downloader with the objective of installing a...

7AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2023/06/15 3:0 a.m.•12 views

LockBit ransomware advisory from CISA provides interesting insights

The US Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand CERT NZ, NCSC-NZ have all...

7AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/06/01 9:19 a.m.•3 views

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that...

6.6AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/06/01 9:19 a.m.•40 views

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
•added 2023/05/08 9:0 a.m.•12 views

The rise of "Franken-ransomware," with Allan Liska: Lock and Code S04E11

Ransomware is becoming bespoke, and that could mean trouble for businesses and law enforcement investigators. It wasn't always like this. For a few years now, ransomware operators have congregated around a relatively new model of crime called "Ransomware-as-a-Service." In the...

7.1AI score
Exploits0
Qualys Blog
Qualys Blog
•added 2023/03/30 5:3 p.m.•17 views

Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore

Qualys Blog Series – Threat Research Unit Report “Divide and Conquer” is an emerging and winning strategy for cyber criminals who split responsibilities to improve execution of the attack process. Some threat actors specialize in the back end, which often is ransomware deployed at scale. The fron...

7.2AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/02/04 5:30 a.m.•3 views

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team CERT of France said i...

8.8CVSS9.4AI score0.45063EPSS
Exploits7
Malwarebytes
Malwarebytes
•added 2022/10/27 6:45 p.m.•20 views

What is ransomware-as-a-service and how is it evolving?

Ransomware attacks are becoming more frequent and costlier--breaches caused by ransomware grew 41 percent in the last year, the average cost of a destructive attack rising to $5.12 milllion. Whats more, a good chunk of the cyber criminals doing these attacks operate on a ransomware-as-a-service...

Exploits0
The Hacker News
The Hacker News
•added 2022/08/01 4:51 a.m.•44 views

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

The operators of the Gootkit access-as-a-service AaaS malware have resurfaced with updated techniques to compromise unsuspecting victims. "In the past, Gootkit used freeware installers to mask malicious files; now it uses legal documents to trick users into downloading these files," Trend Micro...

0.2AI score
Exploits0
Rows per page
Query Builder