Europe's ransomware problem isn't getting better! Q3 2025 saw 288 attacks hammer organizations across the region, with Qilin claiming 65 victims and cementing its position as the most aggressive threat actor targeting the continent. But it's SafePay's meteoric rise to second place—and a devastating airport attack that rippled across multiple countries—that has security teams particularly worried about what's coming next. The numbers tell a sobering story in Cyble's latest report, “E...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
Agenda ransomware group, popularly known as Qilin, has been abusing legitimate remote management and file transfer tools, security researchers revealed in a new disclosure. By deploying a Linux-based ransomware binary on Windows hosts, the threat actor has affected more than 700 victims since January 2025. According to Trend Micro findings, the cross-platform execution sidesteps Windows-centric detections and security solutions, including conventional endpoint detection and response platforms...| How evolving regulations are redefining CISO responsibility | CSO Online
While authorities do not recommend making a ransomware payment, some companies are forced to make that choice.| Help Net Security
Discover how integrated immutable storage can enhance ransomware resilience and streamline data recovery for your organization.| StorageSwiss.com - The Home of Storage Switzerland
Jährlich veröffentlicht das Bundesamt für Sicherheit in der Informationstechnik (BSI) seinen aktuellen Bericht zur Lage der IT-Sicherheit in Deutschland. Der| DID | Dresdner Institut für Datenschutz
Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.| Latest from ITPro
Realtà aumentata e virtuale stanno trasformando la produttività aziendale, dall’addestramento tecnico alla progettazione, fino alle esperienze immersive per i clienti, ridefinendo i processi operativi e aprendo nuove possibilità strategiche per i settori produttivi L'articolo Realtà aumentata e virtuale: il nuovo motore del business proviene da Agenda Digitale.| Agenda Digitale
La última edición del informe State of Ransomware 2025 de CrowdStrike alerta sobre la creciente brecha entre la capacidad defensiva y la rapidez de los ataques impulsados por inteligencia artificial L'articolo El 76% de las empresas no logra responder a los ciberataques con IA proviene da Data Center Market.| Data Center Market
Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti money-laundering laws come ten months after KrebsOnSecurity noted that Cryptomus's Vancouver street address was home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which were phys...| Krebs on Security
Jewett-Cameron Company says hackers stole sensitive information and are threatening to release it unless a ransom is paid. The post Fencing and Pet Company Jewett-Cameron Hit by Ransomware appeared first on SecurityWeek.| SecurityWeek
7 Challenges with AI and Data Security—and Tips for Building Resilience by Pure Storage Blog In cybersecurity, AI can help us, but it can lend a hand to the bad guys, too. Here are seven things to consider when leveraging AI for security and what you need to solve them. The post 7 Challenges with AI and Data Security—and Tips for Building Resilience appeared first on Pure Storage Blog.| Pure Storage Blog
2025 Guide to Enterprise Cyber Insurance by Pure Storage Blog With ransomware attacks becoming more common and sophisticated, the demand for and cost of cyber insurance is rising. Here’s a closer look at the changing landscape and what organizations can do in response to it. The post 2025 Guide to Enterprise Cyber Insurance appeared first on Pure Storage Blog.| Pure Storage Blog
“We’re locked out of everything. There’s a note on the server, and it says we have three days to pay or lose the data.” That was the message a client sent us at 6:43am on a Tuesday. No details. No lead-up. Just the kind of moment that hits hard and fast and derails the entire […] The post How to Get Rid of Ransomware: Essential Steps for Protection appeared first on SkyNet MTS.| SkyNet MTS
Ransomware is no longer just an IT risk. In healthcare, it disrupts care delivery, delays treatment, and directly threatens patient lives. Attacks cascade across entire health systems, overwhelm regional capacity, and impose severe financial and reputational costs. The evidence shows ransomware must be treated as a public health crisis. This paper examines key issues regarding […] The post Ransomware: A Public Health Crisis appeared first on Health-ISAC - Health Information Sharing and Anal...| Health-ISAC – Health Information Sharing and Analysis Center
The education sector is making measurable progress in defending against ransomware, with fewer ransom payments, dramatically reduced costs, and faster recovery rates. The post Higher-ed is fighting ransomware, but IT teams pay the price appeared first on eCampus News.| eCampus News
BlackFog’s 2025 Q3 Ransomware Report - global cyber battlefield heats up as ransomware groups escalate attacks. Download full report for key insights.| BlackFog
A recent joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) has highlighted a significant threat to critical infrastructure sectors across the United States: RansomHub ransomware.| MixMode
Insights from the GRIT Q3 2025 Ransomware & Cyber Threat Report October is Cybersecurity Awareness Month (CAM). GuidePoint Security is […]| GuidePoint Security
Las organizaciones españolas parecen haber dado un giro decisivo en su capacidad para enfrentarse al ransomware....| Revista Byte TI
Australia’s rich resources and high median wealth make the country an attractive target for threat groups, and ransomware groups have taken notice. Ransomware groups have claimed 71 attacks on Australian organizations thus far in 2025, compared to just nine in New Zealand. Both countries have experienced significant ransomware attacks this year, however, and some with supply chain implications, so we discuss 10 significant recent incidents below involving both Australia and New Zealand. ...| Cyble Podcast | Cybersecurity & Threat Intelligence Insights
IBM released its annual Cost of a Data Breach Report, showing the global average cost of a data breach reached $4.45 million in 2023.| Help Net Security
Something a bit wild happened recently: A rival of LockBit decided to hack LockBit. Or, to put this into ransomware-parlance: LockBit got a post-paid pentest. It is unclear if a ransomware negotiation took place between the two, but if it has, it was not successful. The data was leaked.| blog.compass-security.com
Security researchers at Google say that more than 100 organizations are likely to have fallen victim to a large-scale cyberattack on Oracle E-Business| Techzine Global
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse…| krebsonsecurity.com
The data from RiskRecon’s global ransomware study is conclusive: cyber hygiene directly impacts resilience. Organizations with poor hygiene face ransomware incidents 5.3x more frequently, and victimized companies are far more likely to expose unsafe services, misconfigured encryption, and unpatched software.| Blog | Online Risk Management Software | RiskRecon
Analysis of the 2025 Salesforce breach wave at Google, Workday, and Salesloft, highlighting SaaS risk, identity abuse, and data exfiltration.| BlackFog
Interlock ransomware is disrupting healthcare, cities, and infrastructure in 2025 with fake update lures, data theft, and double extortion tactics.| BlackFog
L'industria automobilistica europea è sotto attacco. Scopri i dettagli dell'attacco hacker subito da Jaguar Land Rover e le sue conseguenze.| Cyber Guru
Attackers Living Outside The Operating System Like many in our field, I thought we’d seen the last of Petya-style attacks after the chaos of 2017. As it turns out, that was wishful thinking. ESET Research recently uncovered something that caught my attention immediately – a new variant they’ve dubbed “HybridPetya” that combines ransomware with UEFI […] The post HybridPetya Ransomware Shows Why Firmware Security Can't Be an Afterthought appeared first on Eclypsium | Supply Chain Se...| Eclypsium | Supply Chain Security for the Modern Enterprise
Verticals Targeted: Not specified Regions Targeted: None Related Families: Petya, NotPetya, NotPetyaAgain, RedPetyaOpenSSL Executive Summary HybridPetya is a ransomware variant resembling Petya/NotPetya, capable of compromising UEFI-based systems and exploiting CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. While not observed in active campaigns, its advanced capabilities warrant close monitoring by security teams.| PolySwarm Main Blog
Cybersecurity is no longer just a technical concern. It is a pillar of national security, public health and economic stability. The post Hack the Planet: Cybersecurity’s Global Race Against Chaos appeared first on The Globalist.| The Globalist
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The…| krebsonsecurity.com
Learn about the evolving ransomware landscape, including how attackers operate, the roles within the ransomware economy, and actionable strategies to strengthen your defenses.| NetSPI
RiskRecon’s 10-year study of ransomware events highlights not just the scale of the threat, but the patterns that determine which organizations are most at risk. Here are six key lessons:| Blog | Online Risk Management Software | RiskRecon
Ransomware has evolved. What once started as small-scale attacks on local systems has now grown into a global, organized criminal operation targeting every sector and every geography. From public utilities and hospitals to government agencies and retailers, no organization is off limits—and neither are their vendors.| Blog | Online Risk Management Software | RiskRecon
Fairmont Federal Credit Union notifying 187,000 individuals that their personal and financial information was stolen in a 2023 data breach.| SecurityWeek
Is your condo corporation safe against cyberattacks? We look at common condo corporation vulnerabilities and cybersecurity solutions.| CPO Management
BlackNevas has been continuously launching ransomware attacks against companies in various industries and countries, including South Korea. This post provides a technical analysis on the characteristics, encryption methods, and reasons why BlackNevas encrypts files in a way that makes them impossible to decrypt. It is hoped that this post will provide insights for defending against […]| ASEC
DireWolf Ransomware Group The DireWolf ransomware group made their first appearance in May 2025. On May 26 of the same month, they disclosed their first 6 victims on a darknet leak site, marking the beginning of their full-fledged activities. The group stated that their only goal is money and contacts their victims through the Tox […]| ASEC
Warning About NightSpire Ransomware Following Cases of Damage in South Korea ASEC| ASEC
By Jamie Moles on Information Age - Insight and Analysis for the CTO Ransomware threats are advancing. Jamie Moles goes into what a triple extortion threat is and how to protect your organisation against them The post Ransomware has evolved – so must our defences appeared first on Information Age.| Information Age
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) (Dutch DPA) recently published a report on personal data breaches, which provides valuable insights into the Dutch DPA’s views on incident response. It also contains some helpful statistics. Increase in follow-up action by the Dutch DPA It is clear from the report that the Dutch DPA is still... Continue Reading| Data Protection Report
Rorschach is a new ransomware sample discovered in the wild. It boasts extraordinarily fast encryption and advanced detection evasion methods.| Gridinsoft Blogs
NCA posted a banner on the leak site of LockBit ransomware, that claims a successful Operation Cronos performed in cooperation with others.| Gridinsoft Blogs
LockBit ransomware group is back, after 4 days of downtime that followed the takedown from law enforcement agencies.| Gridinsoft Blogs
The UK government is introducing a ban on ransomware payments for the public sector and critical national infrastructure – but will there could be unintended consequences| IT Pro
In one attack, said Microsoft, the Storm-0501 group took advantage of protection and visibility gaps to pivot from on-premises to cloud| IT Pro
One in five law firms isn't sure if they've been hacked. Don't be one of them. Learn the 5 cybersecurity risks that could shut down your practice and damage client trust forever.| Deepak Gupta | AI & Cybersecurity Innovation Leader | Founder's Journey from ...
Ransomware-as-a-Service (RaaS), marketed on dark web forums or Telegram channels, is a growing model in the cybercrime ecosystem where ransomware […]| K7 Labs
The Cyber Security Agency of Singapore warns of Dire Wolf’s double-extortion tactics, which have already impacted 16 organizations across 11 countries, crippling operations and exposing sensitive data.| CSO Online
In an incident response case, Kaspersky experts discovered new malware that terminates AV processes by abusing the legitimate ThrottleStop driver. Kaspersky solutions successfully counter and detect this threat.| securelist.com
On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered…| krebsonsecurity.com
Al estudiar un caso de respuesta a incidentes, los expertos de Kaspersky descubrieron un nuevo malware que abusa los procesos del driver TrhottleStop para cerrar los procesos antivirus. Las soluciones de Kaspersky contrarrestan y detectan esta amenaza.| securelist.lat
Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in …| The DFIR Report
Im ersten Quartal 2025 gab es einen Rückgang bei den Ransomware-Angriffen, so die Ergebnisse eines aktuellen Internet Security Reports. Die Gesamtzahl einzigar| B2B Cyber Security
Qilin ransomware - The Qilin ransomware group has once again dominated the cyberthreat landscape in July 2025, claiming 73 victims.| Cyber Security News
CEO of fleet management firm Microlise, Nadeem Raza, shares the inside story of the October 2024 cyberattack| The Stack
Ransomware-Angriffe nehmen weltweit weiter zu – und in den meisten Fällen beginnt alles mit Social Engineering. Aktuelle Daten zeigen: Phishing ist nach wie| B2B Cyber Security
Wenn Infostealer oder Ransomware zuschlagen, landen Daten in fremden Händen oder sind professionell hochgradig verschlüsselt. Diese Szenarien sollte eine gute| B2B Cyber Security
research shared with TechCrunch ahead of publication on Tuesday| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
International operation dismantles BlackSuit ransomware, seizing infrastructure and funds, as researchers warn of Chaos ransomware reemergence.| CySecurity News - Latest Information Security and Hacking Incidents
Researchers have witnessed an increase in ransomware attacks occurring when criminals know IT staff won’t be around, mostly night time.| Help Net Security
Companies must expand their “assume breach” mindset to prepare for multiple and even simultaneous attacks.| Help Net Security
Major regional and global events – such as military exercises, political or economic summits, and elections – drove cyber threat activities.| Help Net Security
Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts| Help Net Security
Cyberattacks are costly. Learn what the latest $250K HIPAA fine after a ransomware data breach in healthcare means for your practice.| Abyde
In its recent Advisory AA25‑203A, the Cybersecurity and Infrastructure Security Agency (CISA) reaffirms a powerful truth: Protective DNS (Domain Name System) remains one of the most effective defenses against ransomware.| Infoblox Blog
No matter the method of intrusion, business leaders face higher stakes, as most ransomware attacks involve data exfiltration.| Help Net Security
Lockbit 3.0 is currently the most active ransomware group, but new ransomware groups like 8Base and Akira are rising in prominence.| Help Net Security
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment.| Help Net Security
The ransomware activity in Q1 of 2024 continues the substantial growth pattern that we saw develop over the course of 2023.| Help Net Security
Russian Dmitry Khoroshev is "LockBitSupp", the creator, developer and administator of the infamous LockBit ransomware group.| Help Net Security
Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting older vulnerabilities.| Help Net Security
While not paying a ransom is ethically correct, organizations lack power when it comes to ransomware attacks.| Help Net Security
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide threat.| Help Net Security
"In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%," ransomware IR firm Coveware has found.| Help Net Security
Companies using Google Workspace experienced a 25% risk reduction for FTF or BEC claims and a 10% risk reduction for ransomware claims.| Help Net Security
Follow us on Twitter @HackRead| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
By Anna Jordan on Information Age - Insight and Analysis for the CTO The government has announced a ban on ransomware payments from public sector organisations. We explore the loose ends to be tied The post Ransomware payments to be banned – the unanswered questions appeared first on Information Age.| Information Age
Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
This cybersecurity article highlights the vulnerability in popular ransomware products as demonstrated by a cybersecurity analyst on YouTube.| Gridinsoft Blogs
Highlands Oncology reports a Medusa ransomware attack affecting over 113,000 people, its second PHI breach following a 2023 ransomware incident.| CyberInsider
The WannaCry ransomware attack is still infecting unsuspecting users, hospitals, and businesses around the world. While some users on Twitter are claiming| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
In this ransomware scam, scammers are tricking users by introducing them to a cryptocurrency called "SpriteCoin" that does not exist.| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
KQED, a prominent public TV and radio station in San Francisco, is an example that shows how badly a corporation suffers when ransomware hits these internet| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Discover how Datto EDR and AV upgrades deliver stronger threat prevention, simplified endpoint control and time-saving automation for your IT team.| Datto
In this blog entry, we discuss how Shadowpad is being used to deploy a new undetected ransomware family. Attackers deploy the malware by exploiting weak passwords and bypassing multi-factor authentication.| Trend Micro
Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio.| Help Net Security
Learn how the Qilin ransomware operation works, why the Qilin cyber attack poses serious risks, and the defenses enterprises need to protect against one of today’s most efficient ransomware threats.| Qualys
Key Takeaways Initial access was via a password spray attack against an exposed RDP server, targeting numerous accounts over a four-hour period. Mimikatz and Nirsoft were used to harvest credential…| The DFIR Report
19 companies hit via a business services provider, Disney loses proprietary data and three new phishing kits mimic the Revolut finance app.| ID Agent
Dire Wolf ransomware surfaced in late May 2025 as another player in the increasingly crowded ransomware landscape. What sets this threat apart isn’t revolutionary technology, but rather its methodical approach to double extortion and global targeting strategy. Security researchers have tracked Dire Wolf attacks across multiple continents, affecting organizations from small businesses to larger enterprises. […] The post Dire Wolf (.direwolf) Ransomware Virus – Removal and Decryption appe...| Gridinsoft Blog
What Is THRSX Ransomware? THRSX is a ransomware strain that encrypts files and demands payment for their release. Like many other ransomware variants, THRSX changes the names of the encrypted files by appending a...| Cyclonis
2025年2月、複数のセキュリティベンダーがNailaoLockerというランサムウェアに関するレポートを公開しました。...| IIJ Security Diary
Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector.| CyberScoop
To defend “target rich, resource poor” critical infrastructure from cyberattacks, the U.S. must expand its patchwork volunteer system, a new report concludes.| CyberScoop
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant.| CyberScoop
A ransomware attack empties grocery shelves, a ticketing platform is disabled and five new Swedish phishing simulation kits. The post The Week in Breach News: 06/11/25 – 06/17/25 appeared first on ID Agent.| ID Agent
Insider attacks rock 2 firms, Cartier & The North Face hit in a retail attack spree & 6 new business-themed phishing kits drop in BullPhish ID| ID Agent
Ransomware Disguised as Password Cracker (Extension Changed to .NS1419) ASEC| ASEC