DARKReading

A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.

DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs.

The attack dirsupted MathWorks' systems and online applications, but it remains unclear which ransomware group targeted the software company and whether they stole any data.

The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data.

Once dismissed as Internet miscreants in hoodies, ethical hackers have hit the big time, earning millions from blue-chip firms. And they say it's their diverse backgrounds that make them top-tier bug hunters.

A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet's US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise.

Organizations need to broaden their strategy to manage vulnerabilities more effectively and strengthen network cyber resilience.

Encryption, collaboration, and AI can help organizations build up essential protection against ransomware.

By automating security policies and threat detection while coaching users on data protection, companies will be better able to take control of and protect their data.

The key to navigating this new GenAI landscape is a balanced approach — one that fosters transparency, strengthens regulatory frameworks, and embraces privacy-enhancing technologies.