The BlackCat RaaS continues to pose a bigger threat as two well-known ransomware affiliates have added the payload into their arsenal.
Ransomware groups are using DNS tunneling more and more as a way to exfiltrate data and send commands to infected machines.
A threat cluster with significant overlap to the Evil Corp cybercriminal gang has started deploying the LockBit ransomware in an effort to evade U.S. sanctions.
The Karakurt data extortion group is stealing sensitive information from enterprises and holding it for ransom, CISA warns.
The average ransomware attack duration - from the initial access to the deployment of the ransomware payload at scale - was under four days in 2021.