Charon Ransomware Emerges With APT-Style Tactics
The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China’s state-sponsored actor Earth Baxia.
-
-
How to Stay a Step Ahead of a Non-Obvious Threat
Securing business logic isn’t just a technical requirement — it’s a business imperative.
-
Enhancements and new offerings for Sophos’ email security portfolio
Following multiple enhancements to Sophos Email – the only MDR-optimized email security solution – Sophos is introducing two new offerings to boost email security posture.
-
New ‘Curly COMrades’ APT Using NGEN COM Hijacking in Georgia, Moldova Attacks
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks. “They repeatedly tried to extract the NTDS database from domain controllers — the primary repository for user password hashes and authentication data in…
-
ShinyHunters Tactics Now Mirror Scattered Spider
There’s growing evidence that two of arguably the most dangerous cybercrime groups out there are tag-teaming big targets.
-
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust. The Ultimate Battle:…
-
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country. The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations are ongoing to determine the
-
BlackSuit Ransomware Takes an Infrastructure Hit From Law Enforcement
A swarm of US agencies joined with international partners to take down servers and domains and seize more than $1 million associated with BlackSuit (Royal) ransomware operations, a group that has been a chronic, persistent threat against critical infrastructure.
-
REvil Actor Accuses Russia of Planning 2021 Kaseya Attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack’s execution.
-
Black Hat NOC Expands AI Implementation Across Security Operations
Corelight’s James Pope gave Dark Reading an inside look at this year’s Black Hat Network Operations Center, detailing security challenges and rising trends — many related to increased AI use.