Credential theft escalates as threat actors use stealthier tactics


Cybercriminals are pivoting to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises have declined.
These are among the findings of a new report from IBM X-Force which also observes an 84 percent increase in emails delivering infostealers in 2024 compared to the previous year, a method threat actors rely heavily on to scale identity attacks.
Number of ransomware victims increases 102 percent


Ransomware attacks reached a historic high in the first quarter of this year, with 2,063 victims reported, a 102 percent increase compared to the previous year.
The report from GuidePoint Security also records a record high number of active threat groups, with 70 identified in Q1, reflecting a 55.5 percent year-on-year rise.
First quarter of 2025 sees record numbers of ransomware attacks


New findings from threat protection platform BlackFog show the first quarter of 2025 has seen record-breaking numbers of publicly disclosed ransomware attacks, marking a 45 percent increase compared to Q1 of 2024.
Analysis of ransomware activity in the period from January to March saw records set each month. Both January and February set new monthly records for disclosed attacks, with increases from 2024 of 22 percent and 36 percent, respectively while March recorded the largest number of disclosed attacks since BlackFog began tracking in 2020, with 107 attacks -- an 81 percent increase compared with March 2024.
Immutable backup storage is the best defense against ransomware


New research from Object First shows 81 percent of IT professionals say immutable backup storage built on Zero Trust principles is the best defense against ransomware, and 54 percent view target backup appliances as more secure than integrated appliances.
The report, produced with Informa TechTarget's Enterprise Strategy Group, finds two-thirds of organizations have suffered an attack, and 45 percent experienced multiple attacks. Moreover, 49 percent of affected organizations took up to five business days to recover, and most could not recover all of their data.
Ransomware attacks surge despite payments being down


The latest threat intelligence report from Ontinue finds a 132 percent surge in ransomware attacks, although ransom payments have declined by 35 percent, suggesting a shift in attacker strategies to double down on ransomware efforts.
Among other key trends, the report highlights the rapid rise of Adversary-in-the-Middle (AiTM) attacks, which have become a dominant method for stealing authentication tokens and bypassing multi-factor authentication (MFA).
Ransomware readiness -- how boards can lead the charge against cyber threats [Q&A]


Ransomware attacks are increasingly targeting organizations across industries, with the potential to cause devastating financial, operational, and reputational damage.
We spoke to James Eason, practice lead for cyber risk and compliance at Integrity360, to get his insights into how executive boards can effectively prepare for such incidents.
New solution delivers fast recovery from ransomware attacks


With enterprises relying increasingly on data stored on the cloud existing ransomware solutions designed for in-house storage often fall short. That can mean longer recover times which in turn can prove devastating for the business.
Cloud backup platform Eon is launching a new cloud-native package designed specifically to provide protection and recovery from ransomware attacks. Engineered for immediate recovery, Eon's platform is able to restore clean data in minutes, offering greater efficiency than other current market offerings.
Most ransomware incidents start with compromised perimeter security


A new report from cyber insurance provider Coalition shows 58 percent of ransomware claims in 2024 started with threat actors compromising perimeter security appliances like virtual private networks (VPNs) or firewalls.
Remote desktop products are the second-most exploited for ransomware attacks at 18 percent. The most common initial access vectors (IAVs) being stolen credentials (47 percent) and software exploits (29 percent). Vendors including Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft build the most commonly compromised products.
Ransomware attacks up 30 percent driven by AI and RaaS


The latest threat report from Deep Instinct shows ransomware attacks increasing by 30 percent, driven by AI-powered phishing and Ransomware-as-a-Service offerings.
The findings reveal that AI-generated phishing campaigns have grown in efficacy with advancements in reconnaissance and video and voice generation tools.
Third-party risk is biggest cybersecurity blind spot


Third-party risk has emerged as a dominant driver of cyber insurance claims and material losses in 2024, according to new data from leading cyber risk solutions company Resilience.
Cyber insurance claims data shows that third-party risk, including ransomware and outages affecting vendors, accounted for 31 percent of all claims in 2024. Even more startling, third-party risk led to claims with incurred losses for the first time ever, making up nearly a quarter (23 percent) of incurred claims in 2024 (compared to none in 2023).
2024 broke records for ransomware attacks


Ransomware attacks reached record levels throughout 2024 according to the latest State of Ransomware report from BlackFog.
LockBit, one of the most prominent ransomware gangs in recent years, remained the most active ransomware variant through 2024 affecting 603 victims. May was the busiest month, with nearly 200 attacks launched, accounting for 36 percent of all attacks that month.
Strengthening cyber resilience -- cautious collaboration between organizations and third-party vendors needed


Ransomware is continuously on the rise. Despite multiple major law enforcement actions against ransomware groups over the past year, there has been a significant increase in ransomware attacks between 2023 and 2024. Interestingly enough, there was also a tracked 35 percent drop in ransomware payments in 2024, but it is clear that this is not stopping ransomware attacks from continuing as threat actors are finding other ways to monetize the data they’re stealing.
To combat this rise, cyber security measures within organizations need to be improved at every level, especially as the threat landscape grows even more complex. This past year has shown us that the importance of careful third-party vendor collaboration particularly must not be overlooked. With that said, there are a few considerations that need to take priority as 2025 progresses.
The security threats organizations are most concerned about [Q&A]


The cybersecurity landscape is constantly evolving and organizations need to stay up to date if they're to adequately protect themselves.
At the end of last year, O'Reilly released its 2024 State of Security survey, which analyzes the threats that concern frontline practitioners most, the projects they're implementing to safeguard systems and infrastructure, the skills companies are hiring for, and more.
Ransomware up fourfold as threats get more complex


Analysis of data logged by the Barracuda Managed XDR Security Operations Center shows ransomware threats have increased by four times over the last year.
In 2024, Barracuda Managed XDR logged 11 trillion IT events -- 350,000 per second. Just over a million were flagged as a potential risk and of these, 16,812 were identified as high-severity threats that required immediate defensive action. That’s a small percentage but highlights the need for powerful engines, analysis tools and human expertise to detect them.
Number of active dark web ransomware groups up 38 percent in 2024


A total of 94 ransomware groups listed victims in 2024 (a 38 percent increase on 2023) with 49 new groups observed, according to a new report, reflecting further complexity in the ransomware landscape.
The study from Searchlight Cyber also finds an 11 percent increase in the number of total victims posted on ransomware leak sites in 2024 (5,728) compared to 2023 (5,081).
Recent Headlines
Most Commented Stories
© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.