cybercrime

Cybercriminals use research contests to create new attack methods
Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security …

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store
ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …

Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …

How executives’ personal devices threaten business security
Today, individual people – not businesses or government entities as a whole – are the primary targets, or entry points, for all major cyberattacks, according to …

Learning from past healthcare breaches to fortify future cybersecurity strategies
In the face of rising cyber threats, the healthcare sector has become a hotbed for cyberattacks. Given the gravity of this situation, we sat down with Shenny Sheth, Deputy …

Recent ransomware attacks share curiously similar tactics
A series of ransomware attacks made by different groups share curiously similar characteristics, according to Sophos. Sophos released new findings into the connections between …

Data exfiltration is now the go-to cyber extortion strategy
The abuse of zero-day and one-day vulnerabilities in the past six months led to a 143% increase in victims when comparing Q1 2022 with Q1 2023, according to Akamai. Ransomware …

The ransomware rollercoaster continues as criminals advance their business models
Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to …

Getting the best possible outcome in ransomware negotiation
Though typically seen as a final measure, 90% of participants from a BigID survey revealed that their company would contemplate paying a ransom if it meant they could recover …

Seasoned cyber pros are more complacent in their skills than junior staff
Average response time accelerated from 29 to 19 days, from 2021 to 2022, with lessons from Log4j and other high-profile vulnerabilities having a significant impact on urgency …

Managing human cyber risks matters now more than ever
As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become …
Featured news
Resources
Don't miss
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025