Ransomware

The US Cybersecurity and Infrastructure Security Agency (CISA) has sought for years to give organizations a leg up in their efforts to effectively prioritize and mitigate vulnerabilities, but one researcher …

Ravie LakshmananJan 17, 2026Law Enforcement / Cybercrime Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, …

“The upgrade in encryption used by RansomHouse RaaS, going from a simple linear model to a more complex multi-layered approach, signals a concerning trajectory in ransomware development,” Unit42 researchers said …

“Microsoft Trusted Signing certificates are issued with a 72-hour validity period. After that, the certificates expire and need to be renewed. This short period makes the standard process of purchasing …

Oct 17, 2025Ravie LakshmananMalware / Cybercrime Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign …

“The description and root cause of CVE-2025-10035 — a newly disclosed critical vulnerability in Fortra’s GoAnywhere MFT solution — is virtually identical to that of CVE-2023-0669, another critical issue that …

So far, it only works in a university lab setting, she pointed out, but she doesn’t doubt a real tool used by a threat actor is coming. She’s more interested …

Aug 02, 2025Ravie LakshmananVulnerability / Zero Day SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late …