33 matches found
EUVD-2020-30271
Malware in sbrugna...
Exploit for Use After Free in Microsoft
🚨 CVE-2025-29824 Exploit: PipeMagic Ransomware Chain 📌 Critical...
Navigating the Cyber Threat Landscape in 2025: Key Insights for Security Leaders
2025 is half way done already and it has been evolving at an unprecedented pace, presenting new challenges and opportunities for security leaders. Last week, we launched The Hive Pro Cyber Horizons Annual Threat Report 2025. The report sheds light on the most pressing threats and offers actionabl...
Navigating the Cyber Threat Landscape in 2025: Key Insights for Security Leaders
2025 is half way done already and it has been evolving at an unprecedented pace, presenting new challenges and opportunities for security leaders. Last week, we launched The Hive Pro Cyber Horizons Annual Threat Report 2025. The report sheds light on the most pressing threats and offers actionabl...
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
Qilin has quietly become one of the most active and impactful ransomware operations in the world today. If it’s not already on your threat radar, now is the time to take notice. This blog unpacks how Qilin operates, why it’s gaining traction across cybercriminal networks, and what steps security...
Why is Ransomware Still a Thing in 2025?
When was the last time you had a serious conversation about cybersecurity that didn’t touch on ransomware? We all know that it’s one of the most persistent and damaging threats out there. Yet, this isn’t because it’s new—ransomware’s been around since 1989—but because we are making it far too eas...
A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware
Co-authored by Yaniv Allender and Anna Sirokova Introduction Ransomware remains a major threat, causing significant disruption and financial losses to organizations across various sectors. Cybercriminal groups behind these attacks constantly adapt their methods to maximize damage and profit. At...
A week in security (March 3 – March 9)
Last week on Malwarebytes Labs: TikTok: Major investigation launched into platform’s use of children’s data PayPal scam abuses Docusign API to spread phishy emails Android zero-day vulnerabilities actively abused. Update as soon as you can I spoke to a task scammer. Here’s how it went Android...
RansomHub: The New King of Ransomware? Targeted 600 Firms in 2024
RansomHub emerges as a major ransomware threat in 2024, targeting 600 organizations after ALPHV and LockBit disruptions. Group-IB…...
2024 in AI: It’s changed the world, but it’s not all good
A popular saying is: “To err is human, but to really foul things up you need a computer.” Even though the saying is older than you might think, it did not come about earlier than the concept of artificial intelligence AI. And as long as we have been waiting for AI technology to become commonplace...
Play Ransomware Claims Krispy Kreme Breach, Threatens Data Leak
KEY SUMMARY POINTS Krispy Kreme, the beloved doughnut chain, disclosed a data breach on December 11, 2024, in…...
5 BCDR Oversights That Leave You Exposed to Ransomware
Ransomware isn't just a buzzword; it's one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving...
AI likely to boost ransomware, warns government body
The British National Cyber Security Centre NCSC says it expects Artificial Intelligence AI to heighten the global ransomware threat. In a report, the NCSC makes the assessment that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years. We’re...
8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a "massive spike in activity" in May and June 2023. "The group utilizes encryption paired with 'name-and-shame' techniques to compel their victims to pay their ransoms," VMware Carbon...
LockBit Ransomware Targets MacOS
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LockBit ransomware has been discovered on VirusTotal compiled for Apples macOS arm64 architecture, raising concerns about the ransomware threat on Mac devices. To receive real-time threat advisories,...
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage NAS devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects...
What Old is New Again and What's Old is Me?
Welcome to this weeks edition of the Threat Source newsletter. Whats old is new again and whats old is still old. The fact that we are seeing a comeback of this USB thumb drive nonsense is giving me heartburn, and a headache, and my left eye is twitching … and maybe numbness in my legs? Yes, I am...
A week in security (July 4 – July 10)
Last week on Malwarebytes Labs: My Body, My Data Act would lock down reproductive and sexual health data "Free UK visa" offers on WhatsApp are fakes HackerOne insider fired for trying to claim other people’s bounties Update now! Chrome patches ANOTHER zero-day vulnerability Cloud-based malware is...
Ransomware Task Force priorities see progress in first year
This blog is part of our live coverage from RSA Conference 2022: US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force, heeding the group...
Top 3 SaaS Security Threats for 2022
With 2021 drawing to a close and many closing their plans and budgets for 2022, the time has come to do a brief wrap-up of the SaaS Security challenges on the horizon. Here are the top 3 SaaS security posture challenges as we see them. 1 — The Mess of Misconfiguration Management The good news is...