Chinese state-sponsored cyber espionage campaigns have been reportedly targeting critical sectors across the globe. From telecommunications and government to transportation, lodging, and military operations, cyber actors linked to the People’s Republic of China (PRC) are conducting extensive, stealthy operations to infiltrate and control key network devices. This ongoing cyber onslaught has been documented by leading government agencies, revealing a complex web of tactics designed for long-...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Software supply chain attacks have been occurring at twice their long-term average in recent months and have shown no sign of slowing down. The uptick in supply chain attacks began in April 2025, when Cyble dark web researchers observed claims of 31 such attacks. Since then, cyberattacks with supply chain implications have averaged 26 a month, twice the rate seen from early 2024 through March 2025 (chart below). Cyble’s most recent threat landscape report (registration required) documen...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
The Underground ransomware gang is launching continuous ransomware attacks against companies in various countries and industries, including South Korea. This post describes the analysis and characteristics of the Underground ransomware. 1. Overview 1.1 Team Underground The ransomware strain operated by the group known as Underground was first identified in early July 2023. Afterward, their […]| ASEC
ASEC Blog publishes Ransom & Dark Web Issues Week 3, August 2025 WARLOCK launched a ransomware attack targeting a telecommunications provider in France. The pro-Israeli hacktivist group “313 Team” claims to have conducted DDoS attacks against nine institutions in Saudi Arabia. Qilin carried out ransomware attacks targeting financial and […]| ASEC
ASEC Blog publishes Ransom & Dark Web Issues Week 2, August 2025 Ransomware Group ‘World Leaks’ Claims Attack on U.S. Defense Contractors Ongoing Identity Data Leaks Target Hotels in Montecatini, Rimini, Milan, and Bardonecchia, Italy New Cyber Threat Group Emerges: Scattered Lapsus$ Hunters| ASEC
This report provides statistics on the number of new ransomware samples and affected systems, and affected companies that were collected over the course of July 2025, as well as major ransomware issues in and out of Korea. Below is a summary of the information. Disclaimer: The number of ransomware samples and damaged systems is […]| ASEC
This report comprehensively covers actual cyber threats and security issues that have taken place targeting financial companies in Korea and abroad. This report includes an analysis of malware and phishing cases distributed to the financial industry, the top 10 malware strains targeting the financial sector, and statistics on the industries of the leaked Korean accounts. […]| ASEC
AI is driving a rapid increase in sophisticated cyberattacks, and Australia’s high median wealth, abundant resources, and geopolitical influence make it a prime target for both cybercrime groups and advanced persistent threats (APTs). Cyble has documented more than 50 threat groups active in Australia in 2025, including ransomware and cybercrime groups, hacktivists, and APTs linked to China, Russia, Iran, and North Korea. Cyble dark web researchers have investigated 71 major cyber incid...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
ASEC Blog publishes Ransom & Dark Web Issues Week 1, August 2025 Emergence of New Ransomware Groups: BQTLock, Pear, and Black Nevas Increase in Cyberattacks Targeting South Korea [1], [2], [3] Ongoing Identity Information Leaks Targeting Hotels in Europe [1], [2], [3], [4]| ASEC
Ransom & Dark Web Issues Week 5, July 2025 ASEC| ASEC
ASEC Blog publishes Ransom & Dark Web Issues Week 4, July 2025 Pro-Russian Hacktivist Group NoName057(16) Launches DDoS Attack on Europol Website Data from French Defense Contractor for Sale on DarkForums XSS Forum Shutdown: Analyzing the Impact on the Russian-Speaking Cybercrime Ecosystem| ASEC
AhnLab TIP monitors the current ransomware group activities across dark web forums, marketplaces, and other sources. Through the Live View > Dark Web Watch menu, users can track the most active ransomware groups, uncover their collaborations, and gain insights into planned attacks and techniques—enabling user organizations to anticipate threats, prepare defenses, and prevent damage before […]| ASEC
ASEC Blog publishes Ransom & Dark Web Issues Week 3, July 2025 Data from Indonesian government agencies leaked on DarkForums. User data from a Korean portal site was sold on a cybercrime forum. A multinational investigation, Operation Eastwood, was launched targeting the pro-Russian hacktivist group NoName057(16).| ASEC
Ransom & Dark Web Issues Week 2, July 2025 ASEC| ASEC
June 2025 Trend Report on the Deep Web & Dark Web ASEC| ASEC
June 2025 Security Issues in Korean & Global Financial Sector ASEC| ASEC
Ransom & Dark Web Issues Week 1, July 2025 ASEC| ASEC
May 2025 Threat Trend Report on Ransomware ASEC| ASEC
Ransom & Dark Web Issues Week 2, June 2025 ASEC| ASEC
May 2025 Security Issues in Korean & Global Financial Sector ASEC| ASEC
May 2025 Deep Web and Dark Web Trends Report ASEC| ASEC
Ransom & Dark Web Issues Week 3, May 2025 ASEC| ASEC