The Counter Ransomware Initiative, comprising 39 countries, has issued a guidance document aimed at helping organizations respond to ransomware incidents while discouraging ransom payments and promoting proactive cybersecurity measures.
View full story…

Continuous Threat Exposure Management (CTEM) is a comprehensive framework that enables organizations to continuously assess and mitigate cyber risks across their entire attack surface in response to evolving cyber threats.
View full story…

Insider threats, arising from individuals misusing their access within organizations, have increased significantly, with 83% of organizations reporting such attacks in 2024 and remediation costs reaching up to $2 million.
View full story…

The financially motivated threat actor “PaidMemes” has shifted its ransomware attacks from Europe to Central and South America, deploying the BabyLockerKZ variant of MedusaLocker, which has doubled the number of victims per month since early 2023.
View full story…

In September 2024, Cloudflare successfully defended against the largest recorded DDoS attack, which peaked at 3.8 terabits per second, utilizing advanced autonomous systems to manage the threat without human intervention.
View full story…

Immersive Labs is enhancing cyber resilience training by providing hands-on crisis simulations that equip both technical teams and non-cyber business leaders with essential skills to effectively respond to cyber incidents.
View full story…

Microsoft’s Digital Crimes Unit, in collaboration with the US Department of Justice, seizes 100 website domains associated with the Russian threat actor Star Blizzard, known for targeting civil society organizations globally with phishing cyberattacks.
View full story…

Attackers can gain full control without authentication through a critical security flaw in the LiteSpeed Cache plugin, affecting over six million active installations.
View full story…

Google has implemented new security measures in its latest Pixel devices to protect against vulnerabilities in the cellular baseband and 2G network exploits.
View full story…

A critical SQL Injection vulnerability, known as CVE-2024-29824, has been discovered in Ivanti Endpoint Manager (EPM) 2022 SU5 and earlier versions, enabling remote code execution on affected servers without authentication.
View full story…

CeranaKeeper, a newly identified threat actor associated with Chinese cyber espionage activities, targets governmental institutions in Southeast Asia using popular cloud services for command-and-control communication and custom tools for data exfiltration.
View full story…

A fileless malware known as “perfctl” is infecting Linux servers globally, targeting millions of machines with over 20,000 exploits for common misconfigurations and a critical vulnerability in Apache RocketMQ.
View full story…

A large-scale fraud campaign known as pig butchering has been uncovered by Group-IB, targeting victims globally with promises of financial gain through investments in cryptocurrency or other financial instruments.
View full story…