exfiltration
Ransomware hackers say NO to Data Exfiltration and YES to Encryption
Ransomware operators appear to be recalibrating their tactics, with a noticeable shift away from large-scale data exfiltration and toward a renewed emphasis on file encryption. According to a study conducted by incident response firm Coveware, only well-established cybercriminal syndicates—such as Clop, LockBit 3.0, and Qilin—continue to systematically employ “double extortion” strategies. In double extortion campaigns, […]
Signs that a Large Language Model LLM has been compromised with backdoor Malware
As large language models (LLMs) become more deeply integrated into enterprise systems, developer tools, and decision-making pipelines, they also become attractive targets for malicious actors. One particularly dangerous threat is a backdoored LLM—a model that appears to function normally but has been subtly manipulated to behave maliciously under specific conditions. Detecting such compromises is challenging, […]
Everest Ransomware breaches Iron Mountain only to exfiltrate data
In recent months, cybersecurity experts have observed a notable shift in the tactics used by ransomware and hacking groups. Instead of relying solely on data encryption to extort money from businesses, many cybercriminals are now focusing primarily on data exfiltration—stealing sensitive information and monetizing it through resale or public exposure. This evolving strategy was evident […]
Ways to make exfiltrated data useless in double extortion attacks
Double‑extortion ransomware — where attackers both encrypt systems and steal (exfiltrate) sensitive data to threaten public release — raises the stakes for defenders. Even with the best prevention, some data may still be taken. The goal then becomes simple and measurable: render stolen data worthless to attackers so they can’t extort you, sell usable assets, […]
Ransomware attacks transform beyond data exfiltration and encryption
In recent years, ransomware attacks have been known primarily for data exfiltration and encryption, which disrupts operations and extorts companies for financial gain. However, a disturbing new trend has emerged. Criminals are evolving their tactics, not only demanding ransoms but also creating more insidious methods of exploitation, with the intention of making victims “learn a […]
Data exfiltration in ransomware attacks is hard to curb
Nowadays, ransomware attacks are not just about locking up systems and demanding ransom in exchange for decryption keys. A concerning trend has emerged where cybercriminals are increasingly stealing sensitive information — such as customer records, financial info, or proprietary information related to a business or organization — before launching their ransomware attack. The stolen data […]
