Tag: Ransomware

Medusa Ransomware Detection: The FBI, CISA & Partners Warn of Increasing Attacks by Ransomware Developers and Affiliates Against Critical Infrastructure

According to Sophos, ransomware recovery costs soared to $2.73 million in 2024, displaying a 500% rise compared to 2023 and underscoring the escalating financial toll of cyberattacks. The FBI, CISA, and MS-ISAC have recently issued a joint advisory on Medusa ransomware, which has impacted over 300 victims across critical infrastructure sectors as of February 2025. […]

Detect Hellcat Ransomware Attacks: New Ransomware-as-a-Service Threat Group Targeting a Variety of High-Profile Organizations Globally

Ransomware remains a top cybersecurity threat, with attack costs soaring to $2.73 million per incident, nearly $1 million higher than in 2023, according to Sophos. As ransomware operations grow in complexity, new threat groups continue to emerge, seeking massive financial gains. One such group is Hellcat, a newly identified Ransomware-as-a-Service (RaaS) threat group first spotted […]

Ghost (Cring) Ransomware Detection: The FBI, CISA, and Partners Warn of Increasing China-Backed Group’s Attacks for Financial Gain

Increasing ransomware volumes, expanding hacker collectives, and record-breaking damage costs are redefining the cyber risk arena. The FBI, CISA, and partners have recently issued a joint cybersecurity alert warning the global cyber defender community of increasing Ghost (Cring) ransomware attacks aimed at financial gain. China-affiliated hackers have compromised organizations from multiple industries, including the critical […]

BlackSuit Ransomware Detection: Ignoble Scorpius Escalates Attacks, Targets 90+ Organizations Worldwide

Emerging last year as the successor to Royal ransomware, BlackSuit has quickly evolved into a highly sophisticated malicious spinoff, aggressively targeting organizations worldwide. Security researchers have recently observed a significant surge in activity by the Ignoble Scorpius group, the operator behind BlackSuit, with over 90 organizations falling victim to their relentless intrusions. Detect BlackSuit Ransomware […]

BianLian Ransomware Detection: AA23-136A Joint Cybersecurity Advisory Details on TTPs Leveraged by BianLian Operators in the Ongoing Malicious Campaigns

Following a wave of cyber attacks by the Iran-linked hacking collective tracked as Pioneer Kitten, the FBI, CISA, and authoring partners issue a new alert notifying defenders of a growing threat posed by BianLian Ransomware Group, which primarily targets critical infrastructure organizations in the U.S. and Australia. Detect BianLian Ransomware According to the State of […]

Interlock Ransomware Detection: High-Profile and Double-Extortion Attacks Using a New Ransomware Variant

Adversaries employ new Interlock ransomware in recently observed big-game hunting and double-extortion attacks against U.S. and European organizations in multiple industry sectors. Defenders assume with low confidence that Interlock ransomware might be a newly diversified group linked to the Rhysida ransomware affiliates or developers, based on comparable TTPs and encryptor binaries. Detect Interlock Ransomware Ransomware […]

RansomHub Ransomware Detection: Attackers Exploit Kaspersky’s TDSSKiller to Disable EDR Systems

Right after the joint advisory by FBI, CISA, and partners warning of a significant shift in the RansomHub RaaS group activity, security researchers have spotted the novel trick by adversaries misusing Kaspersky’s legitimate TDSSKiller software to disable Endpoint Detection and Response (EDR) systems. Once they’ve bypassed defenses, attackers turn to the LaZagne tool, siphoning login […]

Repellent Scorpius: Novel RaaS Group Actively Distributes Cicada3301 Ransomware Variant

Ransomware continues to be a leading global threat to organizations, with attacks becoming more frequent and increasingly sophisticated. Recently, a new Ransomware-as-a-Service (RaaS) group, Repellent Scorpius, has emerged, intensifying the challenge for cyber defenders. This novel actor drives the distribution of the Cicada3301 ransomware, employing a double-extortion tactic to maximize profits while expanding their affiliate […]

RansomHub Detection: The FBI, CISA, and Partners Warn Against a Growing RaaS Variant Targeting Critical Infrastructure Organizations

Hot on the heels of the joint cybersecurity advisory warning defenders of the Iran-backed Pioneer Kitten’s collaboration with multiple ransomware groups, another spike in ransomware activity is causing a stir in the cyber threat landscape. The FBI, CISA, and partners recently issued a joint alert covering the increased offensive activity of the RansomHub RaaS operators, […]

Pioneer Kitten Attack Detection: CISA, DC3, and FBI Warn of Iranian State-Sponsored Actors Collaborating With Ransomware Gangs to Target U.S. and Middle East

On August 28, 2024, a joint advisory was released by the FBI, the Department of Defense, and CISA, alerting cybersecurity professionals about a surge in operations by Iran-linked adversaries. These actors are increasingly collaborating with ransomware gangs to target education, finance, healthcare, state bodies, and defense industry sectors. Known as Pioneer Kitten, state-sponsored hacking collective […]
