Lucene search
K

12 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/03/18 1:0 p.m.10 views

The Attack Cycle is Accelerating: Announcing the Rapid7 2026 Global Threat Landscape Report

The predictive window has collapsed. In 2025, high-impact vulnerabilities weren’t quietly accumulating risk. They were operationalized, and often within days. Today, Rapid7 Labs released the 2026 Global Threat Landscape Report, an in-depth analysis of how attacker behavior is evolving across...

6.1AI score
Exploits0
Trellix
Trellix
added 2025/06/12 12:0 a.m.7 views

Inside LockBit's Admin Panel Leak

Inside the LockBit's Admin Panel Leak: Affiliates, Victims and Millions in Crypto By Jambul Tologonov · June 12, 2025 Introduction On May 7, 2025, the LockBit admin panel was hacked by an anonymous actor who replaced their TOR website with the text ‘ Don’t do crime CRIME IS BAD xoxo from Prague ’...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/11 10:30 a.m.15 views

Initial Access Brokers Shift Tactics, Selling More for Less

What are IABs? Initial Access Brokers IABs specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like soci...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/27 2:10 p.m.9 views

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response EDR software on compromised hosts, according to ESET...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/07 2:15 p.m.32 views

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker aka Monstrous Mantis, FIN7, FIN8, and Ruthless Mantis ex-REvil. "Ragnar Loader plays a key role in keeping access to...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/17 1:54 p.m.8 views

Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program

Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service RaaS called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301...

7.7AI score
Exploits0
CISA
CISA
added 2024/07/25 12:0 p.m.6 views

FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity

Today, CISA—in partnership with the Federal Bureau of Investigation FBI—released a joint Cybersecurity Advisory,North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The advisory was coauthored with the following organization...

6.8AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2023/08/16 12:0 p.m.21 views

Malvertisers up their game against researchers

Threat actors constantly take notice of the work and takedown efforts initiated by security researchers. In this constant game of cat and mouse chasing, tactics and techniques keep evolving from simple to more complex, and more covert. This is a trend we have observed time and time again, no matt...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/21 9:54 a.m.8 views

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significa...

9.8CVSS9.4AI score0.99999EPSS
Exploits178
Microsoft Secure
Microsoft Secure
added 2022/07/28 4:0 p.m.18 views

Industrial systems: What it takes to secure and staff them

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Patrick C. Miller,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/05 2:50 p.m.32 views

FIN7 Hackers Leveraging Password Reuse and Software Supply Chain Attacks

The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen credentials, new research has revealed. "Data theft extortion or ransomware deployment following FIN7-attributed activity at multiple...

0.4AI score
Exploits0
FireEye
FireEye
added 2021/06/16 12:0 a.m.203 views

Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise

Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be at risk. As...

0.6AI score
Exploits0References5
Rows per page
Query Builder