Read the profile of Medusa, one of the rising RaaS groups with prediction of 200+ victims this year. One highlight - their clear web presence (including Facebook/Twitter accounts) sprou.tt/1C2K79PdTEu

Ransomware groups are targeting vulnerabilities instead of industries/companies. CVE with public PoC, leading to RCE, and high CVSS score? Expect weaponization in less than 24 hours. We had an investigation where 1 unpatched server was compromised 70x in less than a month.

Let's be honest: software supply chain attacks like SolarWinds are rare but get way too much hype. We should pay more attention to "soft" supply chain: contractors, partners, customers. Business Email Compromise is a huge problem, partly because we don't talk about it enough

Great report about Meow Leaks, one of the new RaaS groups - 500% YOY growth in claimed victims - Focus on data exfil (we can confirm attempted data encryption) - Offers to sell data to multiple buyers/bidders - WoW guild (?!) with lvl 460 item req to join sprou.tt/1J8YofX42hC

Bitdefender has released a free decryptor for ShrinkLocker, a #ransomware that uses BitLocker to lock files, and can compromise entire networks in under 10 minutes. Read: thehackernews.com/2024/11/free-d… #infosec #cybersecurity

ShrinkLocker ransomware decyptor recovers BitLocker-encrypted files - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

💡 Bitdefender has identified a new ransomware called #Shrinklocker which exploites Windows Bitlocker for infection - Good news: The company also managed to release its free decryptor. Read: hackread.com/bitdefender-sh… #CyberSecurity #Ransomware #Windows #Decryptor

Fresh ShrinkLocker analysis by Bitdefender bundled with decryptor and recommendations for BitLocker-based malicious attacks. TL;DR - it's used by multiple lone wolves; existing information is not always accurate. Live event next week if you prefer that. bitdefender.com/en-us/blog/bus…

Bitdefender releases decryptor for the ShrinkLocker ransomware, ending months of concern from incident responders. ShrinkLocker, a new strain of malware, uses Microsoft’s BitLocker to encrypt files and eliminates recovery options. therecord.media/bitdefender-re…

ShrinkLocker used decryptors as a threat—then reversed course. Discover how this ransomware unfolded and what it means for your defenses. 🔗 bitdefend.me/48NONKS #Cybersecurity #InfoSec #Ransomware

📷 We’re going LIVE today to talk about #ShrinkLocker—a ransomware attack that’s taking a completely different approach compared to most modern threats. This deviation from the norm has raised questions about whether it signals the start of a new trend in cybercrime. 📷 Don’t

Total CVEs: 240,830 Total KEVs 1,218 0.5% of CVEs have been seen exploited in the wild historically. I've also asked several cyber-insurance carriers if they could share with me the CVEs that resulted in claims. Answer, less than 200 per year.

Adversaries are exploiting Microsoft Teams and Quick Assist. Learn how they’re targeting collaboration tools and how to protect your organization. 🔗 bitdefend.me/4i0ii0o #Cybersecurity #InfoSec

Watch out for weaponization of Microsoft Teams and Quick Assist (both legitimate tools from Microsoft) by threat actors, we've seen increase in these attacks recently 👀 sprou.tt/1zS74EQzv4O

The results of the latest MITRE ATT&CK Evaluations (round 6) were just released. This year, they added 2 new well-needed metrics - alerts volume and false positives (kinda) to provide a more complete picture of actionability for EDR/XDR participants bitdefender.com/en-us/blog/bus…

MITRE ATT&CK Evaluations - Round 6 full results for 3 core metrics (volume + FPs were added for the first time).

Read our blog by MartinZugec to learn more about the 2024 ATT&CK® Enterprise Evaluations and the two new metrics MITRE introduced this year: 'Total Alerts Generated' and 'False Positives', which provide a clearer view of vendor solution actionability. 🛡️ Bitdefender's

🚨RedCurl, the Russian-speaking group—long known for espionage—has deployed ransomware for the first time. 👀 Their new strain: QWCrypt 🧠 Tactic: Fake CVs + legit Adobe tools = full system compromise No leak site. No clear motive. Just chaos. Details: thehackernews.com/2025/03/redcur…

Bitdefender Labs investigated a new ransomware family, QWCrypt, deployed by the RedCurl group (Earth Kapre/Red Wolf) for the first time. Notably, they're targeting hypervisors, not endpoints. Also, not so convinced they are the "corporate espionage" group sprou.tt/1tr6J95lIwu

RedCurl cyberspies create ransomware to encrypt Hyper-V servers - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…