Blog – Page 29 – VigilantAI

May 8, 2025
No Comments

Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware

May 8, 2025
No Comments

Security Tools Alone Don’t Protect You — Control Effectiveness Does

May 8, 2025
No Comments

MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware

May 8, 2025
No Comments

Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware

May 8, 2025
No Comments

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

May 7, 2025
No Comments

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

May 7, 2025
No Comments

Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks

May 7, 2025
No Comments

Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection

May 7, 2025
No Comments

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

May 7, 2025
No Comments

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

Ransomware in 2025: More Attacks, Bigger Targets, Fewer Confirmations July 7, 2025
The ransomware crisis continues to deepen. In the first half of 2025, 3,627 attacks were logged worldwide, a 47% jump from the same period last year. But confirmation remains scarce. According to Comparitech, of those incidents, just 445 were publicly acknowledged by victims. The rest were claimed by threat actors on their leak sites, often […]
Kirsten Doyle
Scattered Spider’s Pre-Attack Infrastructure Exposed: 500+ Phishing Domains Mimic Enterprise Logins July 7, 2025
The infamous cybercrime group known as Scattered Spider is expanding its playbook, and laying the groundwork long before the breach. New findings from Check Point Research reveal a sprawling infrastructure of more than 500 phishing domains, many designed to impersonate enterprise login pages. It’s a quiet phase of attack planning, but one that holds critical […]
Kirsten Doyle
Stop Ransomware in Its Tracks with Exfiltration Prevention July 7, 2025
Ransomware attacks have not only increased in numbers, but they have also evolved beyond data encryption and ransoms. Today’s attackers are increasingly turning to double or even triple extortion, extracting sensitive information to increase their leverage. According to the 2025 Verizon DBIR, 90% of ransomware attacks involved data exfiltration in 2024, up from 85% in 2023 […]
Brad LaPorte
From Manual to Mindful: Elevating IT Support in the Age of Intelligent Automation July 4, 2025
Across industries, IT support is undergoing a quiet revolution. While it once meant a reactive help desk resolving tickets on a first-come, first-served basis, today’s model is more proactive, data-driven, and increasingly powered by AI. At the centre of this shift are small and mid-sized enterprises (SMEs), which face a unique set of challenges: tighter […]
Robert Phan
Critical Cisco Flaw Lets Attackers Gain Root Access to Unified CM July 4, 2025
Cisco has patched a critical flaw in its Unified Communications Manager (Unified CM) software that allowed unauthenticated remote attackers to log in using hardcoded root credentials. The vulnerability, tracked as CVE-2025-20309, carries a CVSS score of 10.0 (the highest possible) and affects select engineering special (ES) builds of version 15.0. The issue stems from development […]
Kirsten Doyle
Ransomware Group Hunters International Claims Shutdown, Offers Free Decryptors July 4, 2025
Hunters International, a notorious ransomware gang with ties to past high-profile cyberattacks, says it’s closing shop. The group made the announcement Thursday via its darknet extortion site, claiming it would release free decryption tools to help past victims recover data. “After careful consideration and in light of recent developments, we have decided to close the […]
Kirsten Doyle
Iranian Cyber Threats Surge Amid Geopolitical Tension July 4, 2025
Cyberattacks linked to Iranian threat groups are on the rise, according to a new threat intelligence report from security provider Blumira. The report highlights how escalating geopolitical tensions between the US and Iran are driving a surge in Iranian state-linked cybers activity, particularly targeting critical sectors like healthcare, energy, and government. Blumira, which monitors threats […]
Josh Breaker Rolfe
Cyber Criminals Target Prime Day Shoppers with Fake Amazon Domains and Phishing Scams July 4, 2025
Amazon Prime Day 2025 is almost here. So are the scammers. With global shoppers gearing up for deals on 8 July, bad actors are already laying traps. In June alone, researchers tracked more than 1,000 new domains mimicking Amazon. Nearly nine in ten were flagged as malicious or suspicious. Many used the phrase “Amazon Prime” […]
Kirsten Doyle
The Role of Penetration Testing in ATM Cybersecurity July 3, 2025
Although many financial institutions offer digital services, ATMs remain critical points of interaction between banks and customers and an attractive target for cybercriminals. ATM attack methods are becoming more sophisticated, from card skimming to malware injection and man-in-the-middle attacks. Ensuring strong ATM cybersecurity is essential to safeguarding customer data, protecting financial assets, and maintaining consumer […]
Zac Amos
Security Holes Plague EU Border Database, Report Finds July 3, 2025
The Schengen Information System II (SIS II) is meant to be a digital sentinel for Europe’s borders. It flags suspects, alerts officials, and logs biometric data in real time. But behind the promise lies a system riddled with security flaws. Bloomberg reviewed confidential documents showing thousands of unpatched vulnerabilities. Some date back years. In a […]
Kirsten Doyle

Category: Blog

Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware

Security Tools Alone Don’t Protect You — Control Effectiveness Does

MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware

Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks

Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization

[email protected]