New Spirals ransomware encrypts victim network in under 24 hours
A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. [...]
SocGholish uses traffic distribution systems (TDSs) to provide initial access into victims' networks for cybercrime groups such as the notorious Evil Corp.
Patch Rollout Slows and Ransomware Incident Volume Rises, Finds Latest Verizon DBIRThe frequency of hackers exploiting vulnerabilities in hardware and software to gain initial access to a victim's environment continues to surge, and half of all successful breaches also now involve some type of "ransomware action," according Verizon's 2026 Data Breach Investigations Report.
Aleksei Volkov sentenced after enabling attacks that cost victims millions A Russian national who sold the keys to corporate networks faces nearly seven years in a US prison after prosecutors tied his handiwork to a string of ransomware attacks costing victims millions of dollars.…
Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins RSAC 2026 Voice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims' IT estate – and the No. 1 tactic used when breaking into cloud environments.…
North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop application to distribute malicious payloads to certain contacts
$2,700 Is the Average Price for Initial Access to a Victim, Plus PrivilegesWhy hack, when hackers are willing to sell guaranteed access to breached networks? More and more cybercrooks agree they'd rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market.
A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.
Group Amassed Intelligence on CFO to Trick Help Desk and Gain Initial AccessHackers tied to the cybercrime group Scattered Spider have been taking down fresh victims, including a logistics firm first breached when attackers tricked its help desk, using personal information they amassed for the CFO, reports the security team that responded to the intrusion.
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system
Group Claims a NY Surgical Center and a Nevada Medical Center Among Recent VictimsU.S. authorities are warning healthcare sector entities of incidents involving Everest, a Russian-speaking ransomware group and initial access broker, which claims to have stolen sensitive patient information in recent attacks, including on two medical care providers in New York and Nevada.
Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.
"Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind.
"Dozens" of organizations across the world have been targeted as part of a broad business email compromise (BEC) campaign that involved the use of adversary-in-the-middle (AitM) techniques to carry out the attacks
An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange
The infamous Trojan's operators are switching up tactics with the use of simulated business correspondence, which helps instill trust with intended victims, and a stealthier payload.
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network. [...]
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network. [...]