Our latest #threatactor deep dive focuses on INC Ransom. 📋 An overview of the group 📈 Recent attack trends 🪢 Connection to Lynx Ransomware 🔍 Tactics, techniques, and procedures 𝐑𝐞𝐚𝐝 𝐦𝐨𝐫𝐞: surefirecyber.com/threat-actor-p… #cybersecurity #ransomware #DFIR #threatintel

Today, we celebrate freedom, unity, and independence. As we gather with family and friends, let us take a moment to reflect on the values that bring us together. Wishing everyone a day filled with joy, pride, and gratitude! #Happy4th #IndependenceDay

We're thrilled to welcome Sam to Surefire Cyber! 👏Sam will be instrumental in helping our clients strengthen their #cybersecurity posture and mitigate risks by developing and implementing robust #cyber #resiliency frameworks. #DFIR #incidentresponse

Yesterday our team identified a posting on #threatactor group RansomedVC’s leak site which appears to be a release of internal chats by Medusa affiliate members. Learn more about the posts and why they are important: surefirecyber.com/ransomedvc-pos… #threatintel #cybersecurity

Recent analysis of #ransomware group data leak sites reveals an increasing trend of multiple #threatactors claiming the same victim within overlapping timeframes. For our team's root cause analysis and outlook and assessment, visit: surefirecyber.com/multi-actor-vi… #threatintel

We’re thrilled to announce four well-deserved promotions! 🚀 These individuals have shown incredible teamwork, tenacity and empathy, and we’re incredibly proud to support their growth and development. Please join us in congratulating Lauren, Matt, John, and Grissel! 👏 #DFIR

⚙️ Create operational efficiencies 🔍 Provide greater transparency & real time resource availability 💲 Better predict response costs 📊Deliver more accurate budgeting & faster invoicing ⏱️ Accelerate delivery of outcomes, therefore reducing BI surefirecyber.com/respond/

Multi-mailbox #BEC campaigns represent a significant escalation in #threatactor sophistication, with attackers targeting multiple accounts within organizations to establish persistent access through email forwarding & filtering rules. Read more: surefirecyber.com/bec-trends-jun… #phishing

We’re thrilled to welcome Colin to our team! With his strong foundation in #cyberinsurance, he'll play a pivotal role in effectively overseeing and driving #cybersecurity projects within Surefire Cyber and ensuring seamless collaboration and alignment within our teams. #DFIR

Thank you everyone for joining us today! ⚾️⚾️⚾️It was a hot one! ☀️ Thank you Digital Asset Redemption, Entara and Spektrum Labs for co-sponsoring!

⏱️Responsiveness day/night 🤝Critical thinking to help make timely decisions 🧠Deep experience managing cyber incidents 🧭Empathy to guide during a difficult time 🔍Transparent pricing & clear communication 💪Knowledge & skills to help you emerge stronger surefirecyber.com/our-team/

Between Q1 and Q2, there was an 18% rise in the number of #threatactors launching #ransomware campaigns against victims. Dive deeper into the threat actor behaviors our team tracked throughout the quarter. Read more: surefirecyber.com/threat-actor-g… #DFIR #IR #threatintel #cybersecurity

YTD 54% of our #ransomware cases involved VPN as the RPOC. Matt Dowling on our team speaks with NetDiligence® about the biggest security gaps, how #threatactors move laterally once in a network, most effective steps to prevent these attacks & emerging technologies and strategies.

🚨 New #threatactor PEAR (Pure Extraction and Ransom) posted 18 victims—14 with data—to their leak site. Focused solely on #dataexfiltration, they position themselves as a penetration test service. Important to note during any interaction with the TA. We'll be monitoring closely.

#Ransomware #threatactors continue to target remote access vectors, with virtual private network access remaining the most common entry point — but with #MFA adoption rising, ransomware groups are adapting their tactics Read more: surefirecyber.com/rpoc-analysis-… #VPN #DFIR #IR

We don’t just grow—we strengthen. Chris brings the experience, mindset & rigor that defines our work—collaborating closely, responding with urgency & standing shoulder-to-shoulder with our clients to help them through a difficult time. #cybersecurity #DFIR #IR #incidentresponse

We recently identified that Qilin #ransomware now uses double #encryption on high value data — a major tactical shift that increases incident impact while demonstrating a sophisticated understanding of enterprise infrastructure. Read more: surefirecyber.com/new-qilin-tech… #cybersecurity

Since emerging in 2023, DragonForce has rapidly expanded from #hacktivist origins to becoming a major player in financially motivated #cybercrime, with over 105 confirmed victims across multiple sectors and geographies. Read more: surefirecyber.com/threat-actor-p… #ransomware

Third-party #vendorrisks, outdated and unpatched systems, #PHI theft, and regulatory compliance are just a few of the #cybersecurity challenges facing #healthcare organizations. Early bird registration ends tomorrow. 𝐑𝐞𝐠𝐢𝐬𝐭𝐞𝐫: mplassociation-events.org/claims-risk-pa… MPL Association

In July, we observed an increase in the use of Adversary-in-the-Middle (#AiTM) techniques within #BEC campaigns. This integration represents a fundamental shift in the threat landscape that renders traditional security controls insufficient. Learn more: surefirecyber.com/bec-trends-jul…