The automobile dealership sector continues to evolve digitally with connected vehicles, cloud-based dealership management systems (DMS), online financing, and electronic sales workflows. But the newly released CDK State of Dealership Cybersecurity 2025 report shows a sector still struggling to keep pace with threat actors who increasingly target these high-value, high-data retail environments. Despite gains in awareness and investment, dealerships face widening gaps in employee readiness, thir
ransomware (391)
The cyber threat landscape is constantly evolving, but few threats demand immediate, sector-wide attention like the latest joint advisory on the Akira ransomware. The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and international partners recently issued a crucial advisory (AA24-109A) detailing the tactics, techniques, and procedures (TTPs) of the Akira ransomware group. Their accompanying press release highlighted the need for decisi
Security solutions firm Sophos has released its fifth annual Sophos State of Ransomware in Retail report. The report, which surveyed IT and cybersecurity leaders across 16 countries, reveals alarming trends in ransomware incidents affecting the retail sector. The report highlights that nearly half (46%) of retail ransomware incidents were traced back to an unknown security gap, indicating significant visibility challenges within the retail attack surface.[1]
Among organizations that experience
In the lead-up to Black Friday and Cyber Monday 2025, the retail sector in the US is facing a significant increase in cyber-attacks targeting both online and brick-and-mortar businesses. Threat actors have leveraged and continue to leverage sophisticated phishing campaigns, malicious websites masquerading as legitimate retailers, and ransomware attacks timed to disrupt critical sales periods. According to recent industry reports, cybercriminals are exploiting the surge in online shopping traffic by deploying
The Russian government's relationship with its cybercriminal ecosystem has transitioned from passive tolerance to active state management, marking a strategic shift. This report, covering 2024–2025, details the "Dark Covenant 3.0," characterized by selective enforcement, choreographed arrests, and direct coordination between criminal leaders and Russian intelligence intermediaries.
Insikt Group found that Russia leverages these criminal groups as geopolitical tools, with detentions and releases
The cybersecurity community is reeling from a disturbing indictment that underscores a frightening new dimension of insider risk and supply chain betrayal. The US Department of Justice (DOJ) has unsealed charges against two former employees of a US-based cybersecurity firm, accusing them of a stunning conflict of interest: allegedly launching the very ransomware attacks they were hired to help victims recover from.[1]
As reported by TechCrunch and BleepingComputer, the individuals are charged
Ransomware infections usually come from malicious hackers. But in a rarity, a string of attacks was sourced to a pair of cybersecurity employees out to extort millions from victims. Kevin Tyler Martin, a ransomware threat negotiator at cybersecurity provider DigitalMint, and Ryan Clifford Goldberg from Sygnia Cybersecurity Services, are allegedly behind the scheme, according to the Chicago Sun-Times.
A 12-page court document shows a federal grand jury indicted Goldberg and Martin last month fo
South Africa has seen increases in social upheaval and other political struggles. Cyber-attacks are an additional concern for South Africans to worry about. South Africa has experienced 110 cybercrime incidents involving extortion, ransomware, and state hacking in the past five years, according to Orange Cyberdefense’s inaugural Security Navigator Africa report. This is the highest number in Africa and more than double that of Egypt, which ranked second with 46 incidents between 2020 and
Companies should improve the resilience of their software supply chains against ransomware, according to guidance the International Counter Ransomware Initiative (CRI) published recently after its fifth annual summit in Singapore. The new guidance, developed by the United Kingdom and Singapore as the CRI’s policy leads, aims to raise awareness of the ransomware threat across supply chains, as well as promote good cyber hygiene that will see supply chain vulnerabilities factored into organizatio
Microsoft’s Digital Defense Report 2025[1] warns of a marked increase in identity-based attacks, driven in part by the growing use of artificial intelligence to craft convincing social engineering lures. The company says its systems analyze more than 100 trillion security signals every day and that identity attacks rose 32% in the first half of 2025 compared with the previous period.[2]
Microsoft emphasizes that password attacks remain the primary vector: more than 97% of observed identity-base
In 2025, Chaos ransomware resurfaced with a C++ variant. This marks the first time it was not written in .NET. Beyond encryption and ransom demands, it adds destructive extortion tactics and clipboard hijacking for cryptocurrency theft. This evolution underscores Chaos's shift toward more aggressive methods, amplifying both its operational impact and the financial risk it poses to victims.
This Fortinet report provides a comprehensive technical analysis of Chaos-C++, covering its execution fl
A joint study by Cybersecurity at MIT Sloan (CAMS) and Safe Security has examined 2,800 ransomware incidents and found that a staggering 80.83%, or more than 2,272 attacks, were driven by artificial intelligence. This statistic is not theoretical; it's based on comprehensive, real-world data collected during 2023–2024.
The Rethinking the Cybersecurity Arms Race working paper paints a vivid picture of how AI is transforming attack methods. Adversaries are no longer relying on manual orchestration
Car tire manufacturer Bridgestone confirms it is investigating a cyberattack that impacts the operation of some manufacturing facilities in North America. The company believes that its rapid response contained the attack at its early stages, preventing customer data theft or deep network infiltration. Bridgestone Americas (BSA) is the North American arm of Bridgestone, a Japanese multinational tire manufacturer, the largest in the world by production volume.[1]
BSA operates 50 production fac
A ransomware attack has forced drug research firm Inotiv to shut down critical systems, resulting in operational disruptions. Inotiv is an analytical drug discovery and development service that works with various pharmaceutical companies. It employs over 2,000 research specialists and reports an annual revenue of over $500 million. According to a regulatory filing with the US Securities and Exchange Commission (SEC), Inotiv discovered the cyber attack on 8 August. “On August 8, 2025, Inotiv,
Why hack when hackers are willing to sell guaranteed access to breached networks? Increasingly, cybercrooks agree they would rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market. Remote access to a victim's network now retails for an average price of $2,700, although about 40% of what's being sold goes for much less, $500 to $1,000, according to a report from cybersecurity firm Rapid7. The research is based on listings posted over
Homeland Security Investigations (HSI), in partnership with US and international law enforcement agencies, has dismantled the infrastructure behind BlackSuit ransomware, a major cybercriminal group and successor to Royal ransomware, in a coordinated global operation. The action targeted the backbone of the group's operations, including servers, domains, and digital assets used to deploy ransomware, extort victims, and launder proceeds. According to US Immigration and Customs Enforcement (ICE),
The legal market segment has been a prime target for cybercriminals due to the highly sensitive and confidential data it holds. A recent report from the International Legal Technology Association (ILTA) and Fenix24, "Security at Issue: State of Cybersecurity in Law Firms," reveals a crucial shift in the threat landscape. The report, based on a survey of 60 law firms, indicates that while awareness and investment are rising, fundamental vulnerabilities persist, and human-operated attacks are no
US law enforcement agencies provided new details on an operation that dismantled critical infrastructure used by the BlackSuit ransomware gang after the organization’s leak site was replaced with a takedown banner nearly two weeks ago.
The group, which rebranded from its Royal name after a devastating 2023 attack that shut down the City of Dallas, successfully attacked more than 450 entities in the US. Since emerging in 2022, the gang secured more than $370 million in ransom payments, accordin
Vendor-related risks, from both tech providers and non-tech partners, have always been a concern, but they’re now becoming increasingly apparent in a growing number of cyber insurance claims. While data breaches were once the main concern, we are now seeing more severe first-party losses caused by ransomware attacks and major system outages. These issues are not always the result of a cyberattack, either. Sometimes they come from non-malicious errors, like critical system failures or software
Cisco Talos researchers on 24 July 2025 detailed Chaos, a newer Ransomware-as-a-Service (RaaS) group that specializes in big company hunting and double extortion attacks (meaning it both encrypts victim files and steals data for potential leaking). According to Cisco Talos, the group emerged in early February 2025 and appears to be made up of former BlackSuit ransomware gang members "based on similarities in the ransomware's encryption methodology, ransom note structure, and the toolset used in