Jimmy Blake
@jimmyblake.bsky.social
GVP Cyber Resiliency Strategy, Cohesity. Infosec, equestrian sports, cricket and tennis are my passions.
ATT&CK v18: The Detection Overhaul You’ve Been Waiting For
ATT&CK v18: Detection Strategies, More Adversary Insights,
ATT&CK v18 is released with new Detection Strategies, Analytics, and revamped Data Components!
medium.com
November 1, 2025 at 10:24 AM
Everest Leaks AT&T Records, Demands $1M for Dublin Airport Passenger Data
hackread.com
October 31, 2025 at 5:31 PM
Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD to disable defences
Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD
Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks.
securityaffairs.com
October 31, 2025 at 10:24 AM
Qilin ransomware abuses WSL to run Linux encryptors in Windows
The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools.
www.bleepingcomputer.com
October 30, 2025 at 5:31 PM
Global Ransomware Groups Hit Record High as Smaller Threat Actors Emerge www.cysecurity.news/2025/10/glob...
CySecurity News - Latest Information Security and Hacking Incidents: Global Ransomware Groups Hit Record High as Smaller Threat Actors Emerge
Global ransomware groups hit record high as smaller threat actors emerge, driving a fragmented cybercrime surge worldwide.
www.cysecurity.news
October 30, 2025 at 10:24 AM
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile and Industrial Control Systems <- every update to ATT&CK helps us all uplift our cyber resiliency efforts by being able to describe adversary behaviour. Big kudos to MITRE.
MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS
MITRE has unveiled the latest version of ATT&CK, with the most significant changes in the defensive part of the framework.
www.securityweek.com
October 30, 2025 at 12:26 AM
Muji's minimalist vibe wrecked amid supply chain attack www.theregister.com/2025/10/21/m...
Muji's minimalist vibe wrecked amid supply chain attack
Japanese retailer halts online orders after attack cripples third-party vendor
www.theregister.com
October 29, 2025 at 5:31 PM
Ransomware Payouts Surge to $3.6m Amid Evolving Tactics www.infosecurity-magazine.com/news/ransomw...
Ransomware Payouts Surge to $3.6m Amid Evolving Tactics
According to ExtraHop’s latest threat landscape report, average ransomware payments surged 44% to $3.6m in 2025 despite fewer incidents
www.infosecurity-magazine.com
October 29, 2025 at 10:24 AM
SocGholish Malware Using Compromised Sites to Deliver Ransomware hackread.com/socgholish-m...
SocGholish Malware Using Compromised Sites to Deliver Ransomware
hackread.com
October 28, 2025 at 5:31 PM
Russian Government Now Actively Managing Cybercrime Groups: Recorded Future www.securityweek.com/russian-gove...
Russian Government Now Actively Managing Cybercrime Groups: Security Firm
The relationship between the Russian government and cybercriminal groups has evolved from passive tolerance.
www.securityweek.com
October 28, 2025 at 10:24 AM
Asahi Group Confirms Ransomware Attack Disrupting Operations and Leaking Data www.cysecurity.news/2025/10/asah...
CySecurity News - Latest Information Security and Hacking Incidents: Asahi Group Confirms Ransomware Attack Disrupting Operations and Leaking Data
Group confirms ransomware attack disrupting operations and leaking data, delaying financial results amid ongoing investigation.
www.cysecurity.news
October 27, 2025 at 5:31 PM
LockBit Returns — and It Already Has Victims blog.checkpoint.com/research/loc...
LockBit Returns — and It Already Has Victims - Check Point Blog
Key Takeaways LockBit is back. After being disrupted in early 2024, the ransomware group has resurfaced and is already extorting new victims. New version,
blog.checkpoint.com
October 27, 2025 at 10:24 AM
MEA Hackers Target Gov'ts, Finance, and Small Retailers www.darkreading.com/cybersecurit...
MEA Hackers Target Gov'ts, Finance, and Small Retailers
In the hotly political Middle East, you'd expect hacktivism and disruption of services. But retail attacks?
www.darkreading.com
October 23, 2025 at 4:31 PM
Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy securityaffairs.com/183733/secur...
Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy
The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC.
securityaffairs.com
October 23, 2025 at 9:24 AM
Japanese retailer Muji halted online sales after a ransomware attack on logistics partner securityaffairs.com/183639/break...
Japanese retailer Muji halted online sales after a ransomware attack on logistics partner
Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access.
securityaffairs.com
October 22, 2025 at 4:31 PM
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE <- take note if you're the CISO or Director of Security Operations at a cryptocurrency exchange!
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
Lazarus Group used PondRAT, ThemeForestRAT, and RemotePE in a 2024 DeFi attack, likely via Chrome zero-day.
thehackernews.com
September 3, 2025 at 9:24 AM
Ransomware Activity Nearly Triples in 2024 <- there is no light at the end of the rainbow unless you build resilience to a Ransomware attack. 100% protection is a fairytale, the only solution is to be able to respond quickly and recover securely.
September 2, 2025 at 8:01 PM
CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities (KEV) Catalogue Amid Their Active Exploitation in the Wild hackread.com/cisa-citrix-...
CISA Adds Citrix and Git Flaws to KEV Catalogue Amid Active Exploitation
hackread.com
August 30, 2025 at 9:24 AM
According to ReliaQuest's report on the cybercriminal recruitment ecosystem, fluent English speakers with social engineering skills are highly sought after buff.ly/DfoCSDe
Cybercrime Is Hiring: Recruiting AI, IoT, and Cloud Experts to Fuel Future Campaigns
Cybercriminals are hiring AI, IoT, and cloud experts to scale cyberattacks, with dark-web forums doubling recruitment posts focused on social engineering skills.
buff.ly
August 29, 2025 at 4:32 PM
New Phishing Kit Bypasses Multi Factor Authentication to Steal Microsoft 365 Credentials blog.knowbe4.com/new-phishing...
New Phishing Kit Bypasses MFA to Steal Microsoft 365 Credentials
Attackers are using a newly discovered phishing-as-a-service (PhaaS) platform dubbed “Salty 2FA” to target a wide range of industries across...
blog.knowbe4.com
August 29, 2025 at 9:24 AM
Attackers stick with effective intrusion points, valid credentials and exploits <- this aligns with what is coming in most research and what we’re seeing, phishing attacks to get users to deploy malware are decreasing, those to capture cred and exploiting vulns increasing
Attackers stick with effective intrusion points, valid credentials and exploits
Infostealers fueled the staying power of identity-based attacks, increasing 84% on a weekly average last year, according to IBM X-Force.
cyberscoop.com
May 20, 2025 at 9:24 AM
CISA Warns of Exploited Broadcom and Commvault Vulnerabilities being exploited in the wild
CISA Warns of Exploited Broadcom, Commvault Vulnerabilities
CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild.
www.securityweek.com
May 19, 2025 at 4:31 PM
Villain: Open-source framework for managing and enhancing reverse shells
Villain: Open-source framework for managing and enhancing reverse shells - Help Net Security
Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells.
www.helpnetsecurity.com
May 19, 2025 at 9:24 AM
Symantec Links Betruger Backdoor Malware to RansomHub Ransomware Attacks
CySecurity News - Latest Information Security and Hacking Incidents: Symantec Links Betruger Backdoor Malware to RansomHub Ransomware Attacks
Symantec uncovers Betruger backdoor malware used by RansomHub affiliates in ransomware attacks targeting critical infrastructure and healthcare.
www.cysecurity.news
May 18, 2025 at 4:31 PM
ELENOR-corp Ransomware Targets Healthcare Sector
ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities
www.infosecurity-magazine.com
May 18, 2025 at 9:24 AM