Upgrade now! New MOVEit Transfer vulnerability under active exploitation
A new vulnerability in MOVEit Transfer is already under active exploitation, just a day after a patch was released.
2 minutes
Ransomware
From weeks to hours: Why ransomware attacks are getting quicker
Businesses will need to adapt as ransomware gangs take less time to steal and encrypt data than ever before.
4 minutes
Anything but science fiction: The anatomy of an Akira ransomware attack
An analysis of a real life Akira ransomware attack.
3 minutes
Black Basta ransomware exploits Windows Error Reporting Service vulnerability
Researchers have found an exploit tool using an elevation of privilege vulnerability to drop Black Basta ransomware.
2 minutes
Ransomware review: June 2024, a year-high 470 attacks recorded
In May, we recorded a total of 470 known ransomware attacks, including some sickening attacks on healthcare.
4 minutes
5 early signs of a ransomware attack (based on real examples)
Spot the five early signs of ransomware gangs moving laterally through your network.
4 minutes
Ransomware drives healthcare provider into administration
Australian e-prescription provider MediSecure has entered voluntary administration following a cyberattack.
1 minute
Operation Endgame—the largest ever battering for botnets
Europol has published the results of Operation Endgame, a campaign aimed at the infrastructure spreading IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee,…
2 minutes
North Korean threat actor behind new ransomware
A relatively new group of North Korean cybercriminals has been found deploying FakePenny ransomware.
2 minutes
Akira ransomware gang: Who they are and how to prevent infection
Who is the Akira ransomware gang and how can you block them?
5 minutes
140 Ascension facilities still reeling from ransomware attack
140 Ascension healthcare units have been disrupted by the Black Basta ransomware group.
1 minute
Black Basta ransomware affiliates use Quick Assist to target users
Cybercriminals are using the Quick Assist remote assistance tool to deliver ransomware.
1 minute
Ransomware review: May 2024
April was the second most active month of 2024 as ransomware groups positioned themselves to take over from LockBit and…
3 minutes
Law enforcement places new teasers on LockBit leak site and reveals sanctions
Law enforcement has posted new teasers on the seized LockBit leak site about an upcoming announcement.
2 minutes
London Drugs closes retail stores after ransomware attack
Canadian pharmacy retail giant London Drugs is reeling from a cyberattack.
2 minutes
CISA pilot has sent 2,000 alerts to organizations at risk of ransomware
CISA director Jen Easterly said the agency’s automated vulnerability warning program will be ready for full deployment by the end…
1 minute
The anatomy of a Medusa ransomware attack: ThreatDown MDR team investigates
In early April 2024, a prominent service chain in the United States fell victim to a Medusa ransomware attack.
2 minutes
Medusa ransomware: What organizations need to know
Organizations beware: the Medusa ransomware gang is on the rise.
3 minutes
Patch now! Cactus exploits Qlik Sense to deliver ransomware
Researchers say the Cactus ransomware group is exploiting vulnerabilities in Qlik Sense.
1 minute
Cybercrime Has Gone Machine-Scale
AI is automating malware faster than security can adapt.
Get the facts Read the 2026 State of Malware