Which malware delivery techniques are currently favored by attackers?
A wave of cybercriminals spreading malware families – including QakBot, IceID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for email malware delivery. …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Cyber syndicates are working with amateur attackers to target businesses
Cybercrime is being supercharged through “plug and play” malware kits that make it easier than ever to launch attacks. Cyber syndicates are collaborating with amateur …
Could criminalizing ransomware payments put a stop to the current crime wave?
In this Help Net Security video, Charl van der Walt, Head of Security Research, Orange Cyberdefense, discusses whether criminalizing ransomware payments could quell the …
A third of organizations experience a ransomware attack once a week
Ransomware attacks show no sign of slowing. According to new research published by Menlo Security, a third of organizations experience a ransomware attack at least once a …
87% of the ransomware found on the dark web has been delivered via malicious macros
Venafi announced the findings of a dark web investigation into ransomware spread via malicious macros. Conducted in partnership with criminal intelligence provider Forensic …
Ransomware gangs are hitting roadblocks, but aren’t stopping (yet)
Ransomware attacks are in decline, according to reports by several cybersecurity companies. Why is that? More effort for less pay In its mid-year 2022 Cyber Threat Report, …
Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching …
CloudMensis backdoor spies on users of compromised Macs
ESET researchers discovered CloudMensis, a macOS backdoor that spies on users of compromised Macs and uses public cloud storage services to communicate back and forth with its …
Beware of password-cracking software for PLCs and HMIs!
A threat actor is targeting industrial engineers and operators with trojanized password-cracking software for programmable logic controllers (PLCs) and human-machine …
BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands
The notorious cybercriminal syndicate competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked …
Threat actors exchange beacons for badgers to evade endpoint security
Unidentified cyber threat actors have started using Brute Ratel C4 (BRc4), an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint …
Featured news
Resources
Don't miss
- January 2026 Patch Tuesday forecast: And so it continues
- How AI agents are turning security inside-out
- Security teams are paying more attention to the energy cost of detection
- Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
- PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)