Lucene search
+L

11 matches found

Talos Blog
Talos Blog
added 2026/04/02 10:0 a.m.7 views

An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases

In 2025, a total of 134 ransomware incidents were reported in Japan, marking a 17.5% increase compared to 2024. Among these, 22 incidents were attributed to Qilin, representing 16.4% of the total. In 2025, Qilin ransomware was highly active. Looking ahead to 2026, unless there is significant...

6AI score
Exploits0
Talos Blog
Talos Blog
added 2025/09/08 10:0 a.m.10 views

Stopping ransomware before it starts: Lessons from Cisco Talos Incident Response

Over the past two and a half years January 2023 through June 2025, Cisco Talos Incident Response Talos IR has responded to numerous engagements that we classified as pre-ransomware incidents. Talos looked back to analyze what key security measures were credited with deterring ransomware deploymen...

8.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/07/14 2:8 p.m.6 views

Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field

Rapid7 Incident Response consultants Willow Shipperley and Noah Hemker contributed analysis and insight to this blog. Executive summary Rapid7’s Incident Response IR team was engaged to investigate an incident involving an attempted Cobalt Strike execution. The investigation uncovered twists and...

8.5AI score
Exploits0
Talos Blog
Talos Blog
added 2025/04/28 10:0 a.m.16 views

IR Trends Q1 2025: Phishing soars as identity-based attacks persist

Phishing attacks spiked this quarter as threat actors leveraged this method of initial access in half of all engagements, a vast increase from previous quarters. Conversely, the use of valid accounts for initial access was rarely seen this quarter, despite being the top observed method in 2024,...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 3:44 p.m.13 views

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

Threat actors linked to North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces , which...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2023/04/26 12:0 p.m.35 views

Quarterly Report: Incident Response Trends in Q1 2023

Web shell usage spikes in Q1 compared to previous quarters, correlating with higher instances of exploitation of public-facing applications. In a novel increase compared to previous quarters, Cisco Talos Incident Response Talos IR reports that web shells were the most-observed threat in the first...

7.5CVSS10.5AI score0.18878EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/04/11 1:0 a.m.13 views

A week in security (April 3 - 9)

Last week on Malwarebytes Labs: TikTok: Whats going on and should I be worried? Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer Big changes to Twitter verification: How to spot a verified account New macOS malware steals sensitive info, including a user's entire Keychain...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/04 2:0 a.m.15 views

Pre-ransomware notifications are paying off right from the bat

CISA Cybersecurity and Infrastructure Security Agency has published the first results of its pre-ransomware notifications that were introduced at the start of 2023. Even though this initiative is relatively young, CISA says it has notified over 60 entities across the energy, healthcare,...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/27 4:0 p.m.41 views

Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity

Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread. These infections lead to follow-on...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/25 12:0 p.m.66 views

Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of ransomware and pre-ransomware engagements, making up nearly 40 percent of threats this quarter. It can b...

9.3CVSS0.6AI score0.99999EPSS
Exploits431
Talos Blog
Talos Blog
added 2022/10/25 12:0 p.m.72 views

Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter By Caitlin Huey. For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of ransomware and pre-ransomware engagements, making up nearly 40 percent of threats this...

9.3CVSS0.6AI score0.99999EPSS
Exploits431
Rows per page
Query Builder