GOLD SALEM tradecraft for deploying Warlock ransomware

Blog

Byadmblake December 11, 2025

Analysis of the tradecraft evolution across 6 months and 11 incidents

Blog

Wazuh for Regulatory Compliance

Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government contracting, or education. Some of these standards and frameworks include, but are not limited to:

Read More Wazuh for Regulatory Compliance
Blog

SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI…

Read More SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
Blog

Consumer Groups Push IoT Security Bill to Address EoL Concerns

Consumer Reports, Secure Resilient Future Foundation (SRFF) and US Public Interest Research Group (PIRG) introduced a model bill to increase transparency around Internet of Things that have reached end-of-life status.

Read More Consumer Groups Push IoT Security Bill to Address EoL Concerns
Blog

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan (RAT). The packages, named spellcheckerpy and spellcheckpy, are no longer available for download, but not before they were collectively downloaded a little over 1,000 times. “Hidden inside the

Read More Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Blog

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. “The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs

Read More BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers
Blog

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation SIMCARTEL, saw 26 searches carried out, resulting in the arrest of seven suspects…

Read More Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Related