How the Dark Web Fuels Cyber-crime (and Why It Matters to Your Company)
The dark web is more than a hidden corner of the internet. It has grown into a global underground economy where stolen data, hacking tools, and even “cybercrime as a service” are bought and sold. For businesses, this shadow market poses real risks, from leaked employee credentials to stolen intellectual property. Understanding how the dark web fuels cybercrime is essential for protecting your company, safeguarding customer trust, and staying resilient in an increasingly connected world.
Crypto24 Ransomware Group – EDR Bypass
Crypto24 ransomware wreaks havoc on enterprise networks with stealth EDR evasion Organizations across multiple sectors are grappling with attacks from the Crypto24 ransomware group, known for their sophisticated stealth techniques and EDR evasion. First observed in September 2024, Crypto24 has been leveraging legitimate Windows tools combined with custom malware to bypass security defenses and escalate […]
How MaaS affects your business and why you should care?
Malware-as-a-Service (MaaS) is reshaping cybercrime, making advanced attacks accessible to anyone. Learn how MaaS puts your business at risk — from ransomware to phishing — and why proactive security is essential.
Western Alliance Data Breach Tied to Cleo Software Flaw
Western Alliance Bank confirmed a data breach in April 2025 linked to a vulnerability in Cleo Integration Cloud. The breach, attributed to the Cl0p ransomware group, underscores the growing risks from third-party software vulnerabilities. Learn how the bank is responding and the increasing role of SOC in protecting financial institutions.
DBS Data Breach 2025: Ransomware Attack Exposes 11,000 Customers
An insights article examining the 2025 DBS data breach, focusing on how a ransomware attack on vendor Toppan Next Tech exposed thousands of customer records, and what it reveals about the growing threat of third-party supply chain vulnerabilities in the financial sector.
Emerging Ransomware Threats and Securing Open-Source Email Infrastructure
An insights article highlighting the rise of unconventional ransomware groups targeting open-source email platforms like Zimbra, including a technical bulletin with actionable guidance for UK organisations.
Everest Group Alleged to have hit Kaefer
On 8 May 2025 at approximately 05:49 BST, the Everest Ransomware Group purportedly claimed responsibility for a cyber‐intrusion against Kaefer, one of the world’s leading industrial insulation and access specialists.
DragonForce Threat Actor Profile
DragonForce is a cyber threat group that has rapidly evolved from hacktivist beginnings into a prolific ransomware operation. Active since mid-2023, it initially engaged in ideologically driven attacks but later shifted focus to financially motivated extortion.
Trigona
1. Overview Trigona is a double extortion ransomware group that emerged publicly in late 2022, and quickly gained attention for its aggressive enterprise targeting, database-specific encryption techniques, and rapid tooling evolution. Trigona combines file encryption with data exfiltration, threatening public release of stolen information via its dark web leak site. Though less widely known than […]
Royal Ransomware Group
A threat profile of Royal, a sophisticated ransomware group targeting critical infrastructure and enterprises with double extortion tactics, custom tooling, and high-pressure ransom negotiations.
