The State of Ransomware 2025
Explore the causes and consequences of ransomware in 2025 based on findings from a vendor-agnostic survey of 3,400 organizations hit by ransomware in the last year.
Similar Posts
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Bys sMicrosoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were “used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,” the Microsoft Threat Intelligence team said in…
Ireland’s Data Protection Commission publishes 2024 Annual Report
Bys sThe Data Protection Commission has today launched its Annual Report for 2024 and released the results of its first Public Attitudes Survey. From their press release: Highlights of the 2024 Annual Report The DPC issued 11 finalised inquiry decisions resulting in administrative fines totalling €652 million during 2024. Multiple reprimands and compliance orders were also imposed….
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
Bys sAs GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they do not always know which risks to prioritize. In some cases,…
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
Bys sCybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for
The Pennsylvania Attorney General’s Office Updates Ransomware Attack Incident
Bys sOn September 17, the Pennsylvania Attorney General’s Office posted the following update to a ransomware attack it initially disclosed on August 11. HARRISBURG — The Office of Attorney General is providing an update regarding the cyber incident last month that impacted our agency. As previously reported, the incident was the result of a malicious actor……
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Bys sCybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered in a binary named “schtasks.exe,” which enables an administrator to create, delete,…