Explore

Rapid Read Rapid Read
WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the WinRAR file archiver, identified as CVE-2025-6218, to its Known Exploited Vulnerabilities catalog. This path traversal bug, which affects Windows-based builds, allows attackers to execute code by tricking users into opening malicious files. Despite being patched in June 2025, the flaw is actively exploited by threat groups such as GOFFEE, Bitter, and Gamaredon. These groups have used the vulnerability in targeted attacks, including phishing campaigns against Ukrainian entities, to deploy malware and conduct espionage operations.
Rapid Read Rapid Read
U.S. Indicts Ukrainian Woman for Alleged Role in Russia-Backed Cyberattacks

U.S. Indicts Ukrainian Woman for Alleged Role in Russia-Backed Cyberattacks

The U.S. Department of Justice has indicted Victoria Dubranova, a Ukrainian woman, for her alleged involvement in cyberattacks orchestrated by Russia-backed groups. These groups, including the Cyber Army of Russia Reborn (CARR), have targeted U.S. infrastructure, causing disruptions in water and meat processing facilities. Dubranova, extradited to the U.S. and pleading not guilty, is accused of conspiracy to damage protected computers and tamper with public systems. The Justice Department alleges that Russia's GRU intelligence agency founded and funded CARR, while another group, NoName057, is linked to an IT organization established by President Putin. These groups have been active in cyber-espionage, targeting critical U.S. sectors and boasting about their exploits on social media.
Rapid Read Rapid Read
U.S. Charges Ukrainian Hacker for Cyberattacks on Critical Infrastructure Backed by Russian Groups

U.S. Charges Ukrainian Hacker for Cyberattacks on Critical Infrastructure Backed by Russian Groups

The U.S. Department of Justice has charged Victoria Eduardovna Dubranova, a Ukrainian national, for her alleged involvement in cyberattacks on critical infrastructure as part of Russian-backed operations. Dubranova is accused of working with CyberArmyofRussia_Reborn (CARR) and NoName057(16), groups that have targeted water systems, food processing facilities, and government networks in the U.S. and allied countries. The groups are said to have received support from Russia's GRU and have conducted numerous attacks since 2022. Dubranova faces multiple charges, including conspiracy to damage protected computers, and has pleaded not guilty.
Rapid Read Rapid Read
Key Reforms Proposed to Strengthen U.S. Cybersecurity

Key Reforms Proposed to Strengthen U.S. Cybersecurity

A new op-ed outlines ten key reforms aimed at closing cybersecurity gaps in the United States. The proposed measures emphasize the need for collaboration between government and private sectors, prioritizing the security of critical infrastructure, and adopting memory-safe programming languages. The reforms also advocate for the use of formal methods to enhance software security, the establishment of zero trust architectures, and the improvement of data resilience. Additionally, the op-ed suggests proactive threat hunting and the creation of regional resilience districts to manage cybersecurity risks. The authors highlight the importance of leveraging emerging technologies, such as artificial intelligence, to bolster both offensive and defensive cybersecurity capabilities.
Rapid Read Rapid Read
Ransomware Payments Decline as Treasury Data Indicates Positive Trend

Ransomware Payments Decline as Treasury Data Indicates Positive Trend

The U.S. Treasury Department released a report indicating a decline in ransomware payments, suggesting a potential decrease in ransomware activity. According to the Financial Crimes Enforcement Network (FinCEN), total payments dropped 33% from $1.1 billion in 2023 to $734 million in 2024. Despite this positive trend, the number of ransomware attacks remains high, with 1,476 incidents reported last year. Manufacturing, financial services, and healthcare sectors were most affected. The report highlights the importance of reducing payments to deter future attacks, although the overall impact on ransomware prevalence is yet to be determined.
Trendline Trendline
Red Canary's Keith McCammon Discusses Cybersecurity Leadership and Challenges

Red Canary's Keith McCammon Discusses Cybersecurity Leadership and Challenges

Red Canary's Keith McCammon Discusses Cybersecurity Leadership and Challenges
Rapid Read Rapid Read
US Treasury Reports Ransomware Payments Surpass $4.5 Billion, Highlighting Cybersecurity Challenges

US Treasury Reports Ransomware Payments Surpass $4.5 Billion, Highlighting Cybersecurity Challenges

The US Treasury's Financial Crimes Enforcement Network (FinCEN) has reported that ransomware payments have exceeded $4.5 billion by the end of 2024, with the highest levels recorded in 2023. The Financial Trend Analysis report indicates that over $2.1 billion was paid to ransomware groups between 2022 and 2024, with $1.1 billion in 2023 alone. The report highlights that 10,470 Bank Secrecy Act reports related to ransomware incidents were filed between 2013 and 2024, with the majority occurring between 2022 and 2023. The most affected sectors include financial services, manufacturing, and healthcare. The report also notes that the Tor network is the preferred communication method for threat actors, and Bitcoin is the favored payment method.
Rapid Read Rapid Read
Defense Department Mandates Secure Phones and AI Cybersecurity Training in New Bill

Defense Department Mandates Secure Phones and AI Cybersecurity Training in New Bill

The U.S. Defense Department is set to implement new cybersecurity measures as part of the fiscal 2026 National Defense Authorization Act (NDAA). This comprehensive legislation, agreed upon by House and Senate negotiators, includes provisions for secure mobile phones for senior leaders and enhanced cybersecurity training that incorporates artificial intelligence (AI) challenges. The bill mandates that the Defense Secretary ensures mobile phones used by senior leaders and personnel on sensitive missions meet stringent cybersecurity requirements, such as data encryption. Additionally, the bill emphasizes the need for cybersecurity training for Armed Forces members and civilian employees, focusing on AI-related challenges. The legislation also addresses mental health services for cyber troops, ensuring behavioral health specialists with security clearances are available to the U.S. Cyber Command and Cyber Mission Force.
Rapid Read Rapid Read
U.S. Offers $10 Million Reward for Information on IRGC-Linked Cyberattack Leaders

U.S. Offers $10 Million Reward for Information on IRGC-Linked Cyberattack Leaders

The U.S. State Department has announced a reward of up to $10 million for information leading to the capture of Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi, who are accused of conducting cyberattacks on behalf of Iran's Revolutionary Guard Corps Cyber-Electronic Command. This unit, known as Shahid Shushtari, has been involved in cyber operations targeting critical infrastructure across the U.S., Europe, and the Middle East. The group, also identified as Cotton Sandstorm and Haywire Kitten, has been active since 2018 and has been linked to efforts to influence the 2020 U.S. presidential election. The Treasury Department previously sanctioned the group and its members for these activities.
Rapid Read Rapid Read
CIA's Stealth Drone Loss in Iran Raises Concerns Over Cybersecurity and Espionage

CIA's Stealth Drone Loss in Iran Raises Concerns Over Cybersecurity and Espionage

In December 2011, the Central Intelligence Agency (CIA) lost control of a stealth drone near Kashmar, Iran, which was subsequently displayed by the Iranian military as a trophy. This incident raised questions about whether the drone, a Lockheed Martin RQ-170 Sentinel, had simply malfunctioned or if it had been commandeered by Iranian hackers. The event highlighted the growing capabilities of Iran's cyber forces, which had already been a concern for U.S. officials. The situation became more complex with the involvement of Mohammad Hossein Tajik, an Iranian intelligence officer who claimed to have been a CIA asset. Tajik's communications with a journalist revealed his discontent with the Iranian regime and his desire to leak sensitive information as a form of revenge. His story, however, ended tragically when he was found dead under suspicious circumstances, raising further questions about espionage and counterintelligence operations in Iran.
Reuters Reuters
No need to 'break' with US over security policy, German spy chief says

No need to 'break' with US over security policy, German spy chief says

By Sarah Marsh BERLIN, Dec 8 (Reuters) - There is no need for a rupture between Europe and the U.S. over Washington's new Security Strategy warning of "civilizational erasure" in the Old World, Germany's spy chief said on Monday. 
Rapid Read Rapid Read
Vitas Hospice Data Breach Affects Over 300,000 Individuals, Exposing Sensitive Information

Vitas Hospice Data Breach Affects Over 300,000 Individuals, Exposing Sensitive Information

Vitas Healthcare, the largest for-profit hospice chain in the U.S., experienced a significant data breach affecting over 300,000 individuals. The breach, discovered on October 24, involved unauthorized access to Vitas systems via a compromised vendor account. The attacker maintained access from September 21 to October 27, during which personal information of current and former patients was downloaded. This included names, addresses, phone numbers, dates of birth, driver's license numbers, Social Security numbers, medical and insurance information, and contact details for next of kin. The U.S. Department of Health and Human Services' data breach tracker confirmed the impact on 319,177 individuals. The nature of the attack remains unclear, with no known ransomware group claiming responsibility.