A sophisticated Python-based backdoor, potentially developed with the help of AI, has been identified as a critical tool for RansomHub affiliates to infiltrate and maintain access to compromised networks. The discovery, made by Andrew Nelson, Principal Digital Forensics and Incident Response (DFIR) Consultant at GuidePoint Security, reveals new tactics being used by ransomware gangs. A Lucrative Model: RansomHub, a Ransomware-as-a-Service (RaaS) operation that debuted in February 2024, has rapidly gained notoriety in the cybercrime ecosystem. Known for its generous affiliate payment structure and multi-platform capabilities, the group is a formidable threat to entities worldwide. RansomHub offers a 90/10 payment split, allowing affiliates…
Kirsten Doyle
As January reaches its midpoint, more cybersecurity experts have weighed in on what the year ahead holds for the industry. From the rapid advancement of artificial intelligence to evolving strategies in application security and a renewed focus on education and workforce training, 2025 promises to be a transformative year. Entities in every sector face a growing need to adapt to sophisticated threats, regulatory changes, and an increasingly interconnected digital ecosystem. In this article, we explore the predictions shared by leading voices in cybersecurity and the innovations shaping how we protect data, systems, and people in the year ahead. Dan Bridges,…
The Wiz Incident Response team is actively addressing multiple security incidents linked to CVE-2024-50603, a critical unauthenticated remote code execution (RCE) vulnerability in Aviatrix Controller. The vulnerability was discovered by Jakub Korepta of Securing. This flaw, rated the maximum CVSS score of 10.0, poses a severe risk of privilege escalation within AWS cloud environments. Entities using Aviatrix Controller are strongly advised to apply patches immediately. Data from Wiz indicates that approximately 3% of enterprise cloud environments use Aviatrix Controller. Of these, 65% have configurations enabling lateral movement to cloud administrative permissions, a concerning statistic given the potential for widespread damage. A High-Impact Security Threat: This vulnerability…
In a move to cement the US’s position as a global leader in artificial intelligence (AI), the Biden-Harris Administration has unveiled an Interim Final Rule on AI Diffusion. The policy hopes to improve national security and economic strength while ensuring the responsible global deployment of US AI technology. According to a White House press statement, “In the wrong hands, powerful AI systems have the potential to exacerbate significant national security risks, including by enabling the development of weapons of mass destruction, supporting powerful offensive cyber operations, and aiding human rights abuses, such as mass surveillance. Today, countries of concern actively…
Meta’s jaw-dropping announcement that it is ending its third-party fact-checking program is likely to trigger increased activity from fake accounts and troll farms, which specialize in disseminating intentional falsehoods. The social media giant’s decision to end its fact-checking initiatives raises serious concerns about a potential flood of online disinformation and its broader societal implications. Fact-checkers have been instrumental in helping users recognize fake news and other false information by flagging potentially misleading content and offering links to credible sources. Rather than removing content, the system provided users with the context necessary to make informed choices. Meta, not the fact-checkers, made…
Three Russian nationals have been charged for their involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io, according to an indictment unsealed on January 7 by a federal grand jury in the Northern District of Georgia. The charges stem from an extensive investigation into the laundering of criminal proceeds through these platforms, which authorities allege facilitated cybercrime and jeopardized national security. Roman Vitalyevich Ostapenko, 55, and Alexander Evgenievich Oleynik, 44, were arrested on 1 December last year following the dismantling of Sinbad.io’s infrastructure in late 2023. A third defendant, Anton Vyachlavovich Tarasov, 32, remains at large. The Allegations: According to…
Medusind, a healthcare revenue cycle management provider, has disclosed a data breach that compromised the personal and health information of 360,934 people. The breach, which happened over a year ago, underscores the ongoing cybersecurity challenges in the healthcare sector. The company, which operates 12 locations across the US and India and supports more than 6,000 healthcare providers, detected suspicious activity on its network on 29 December 2023. It immediately took its systems offline and enlisted a cybersecurity forensic firm to investigate. In a breach notice sent to affected individuals, Medusind confirmed that a “cybercriminal may have obtained a copy of…
Check Point Research (CPR) has uncovered a sophisticated new version of the Banshee macOS Stealer malware, capable of stealing browser credentials, cryptocurrency wallets, and other sensitive data. This latest version, undetected for over two months, raises alarms for macOS users worldwide. macOS has long been seen as a secure platform, but with over 100 million users globally, it is attracting the attention of cyber crooks. Banshee Stealer rearing its ugly head highlights the growing risks to macOS users and the need for better cybersecurity measures to protect these devices. The malware’s obfuscation abilities are next level – it blends seamlessly…
Organizations are urged to act swiftly to address vulnerabilities impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways by following the latest guidance from the vendor. Ivanti has released a critical security update addressing these vulnerabilities, identified as CVE-2025-0282 and CVE-2025-0283. The fix is now available via Ivanti’s standard download portal. The company disclosed that a limited number of Ivanti Connect Secure appliances had been exploited through CVE-2025-0282 at the time of disclosure. However, it says there is no evidence that the vulnerabilities have been exploited in Ivanti Policy Secure or Neurons for ZTA gateways. Swift Response and Collaboration: Threat…
Last year saw increasingly sophisticated cybersecurity threats as malicious actors leveraged all forms of AI to create difficult-to-detect phishing attacks, deepfakes, and ransomware incidents. To counter these, organizations adopted AI-driven security solutions, including threat detection, automated incident response, and intelligent vulnerability management, to protect data and infrastructure. “In 2025, as AI evolves further in sophistication and adoption, alongside the growing burden of data breach costs and regulation – in addition to implementing advanced cybersecurity measures, organizations must prioritize real-world security awareness training,” says Usman Choudhary, Chief Product & Technology Officer, VIPRE Security Group, sharing his cybersecurity predictions for 2025. AI-Powered Phishing: His…
