Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Business email compromise rackets still going strong, cybersecurity fi...
Infostealer threat group shows resilience despite major takedown and t...
Survey recaps well-known cybersecurity hurdles for Operational Technol...
AI model o3 defies shutdown commands autonomously, with code tampering
ATxEnterprise 2025 Boosts Global Participation, Reinforces Singapore&#...
LOGIN REGISTER
CybersecAsia
  • Conference 2025
  • Features
    • Featured

      Will your organization’s defenses be breached due to your suppliers’ weak cybersecurity?

      Will your organization’s defenses be breached due to your suppliers’ weak cybersecurity?

      Thursday, May 29, 2025, 5:04 PM Asia/Singapore | Features, Newsletter
    • Featured

      How the UAE proactively protects its digital economy

      How the UAE proactively protects its digital economy

      Monday, May 19, 2025, 2:16 PM Asia/Singapore | Features
    • Featured

      Navigating blockchain adoption amid rising security challenges

      Navigating blockchain adoption amid rising security challenges

      Wednesday, May 14, 2025, 12:32 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2024
  • Directory
  • E-Learning

Select Page

LOGIN REGISTER
  • Conference 2025
  • Features
    • Featured

      Will your organization’s defenses be breached due to your suppliers’ weak cybersecurity?

      Will your organization’s defenses be breached due to your suppliers’ weak cybersecurity?

      Thursday, May 29, 2025, 5:04 PM Asia/Singapore | Features, Newsletter
    • Featured

      How the UAE proactively protects its digital economy

      How the UAE proactively protects its digital economy

      Monday, May 19, 2025, 2:16 PM Asia/Singapore | Features
    • Featured

      Navigating blockchain adoption amid rising security challenges

      Navigating blockchain adoption amid rising security challenges

      Wednesday, May 14, 2025, 12:32 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2024
  • Directory
  • E-Learning
Malware & RansomwareNews

Worried about rising ransomware threats? Patch actively exploited vulnerabilities fast

By CybersecAsia editors | Thursday, March 20, 2025, 9:29 AM Asia/Singapore

Worried about rising ransomware threats? Patch actively exploited vulnerabilities fast

Proactive threat hunting and fast response to accurately detected suspicious lateral movements of attackers should also be de facto: threat report

Based on information from openly available sources*, a cybersecurity firm has found that February 2025 had 962 cases of ransomware attacks analyzed — a 126% increase of claimed victims year-over-year compared to the same month’s figures analyzed by the same firm in 2024.

Of the 962 cases analyzed, 335 were claimed by the Clop (Cl0p) group: a 300% jump compared to data sources analyzed from January 2025.

It has been asserted that Clop (and other ransomware groups) have shifted tactics to focus on opportunistic attacks using newly discovered software vulnerabilities in edge network devices rather than on specific firms or industries. The idea is that “cybercriminals, regardless of whether they are financially motivated or state-affiliated, focus on finding vulnerabilities that meet certain criteria”:

  • The vulnerabilities have high-risk CVSS scores (>7.0)
  • The vulnerabilities allow attackers to remotely take control of a system
  • The vulnerabilities affect software that is accessible from the Internet
  • An exploit developer or malicious actor has already published the proof of concept for the exploitation process

Based on the above hypotheses, “less than 24 hours following the vulnerability’s public disclosure, threat actors launch automated scanners that scour the internet and establish remote access to vulnerable systems. After this initial access blitz, threat actors begin the second stage of the attack – the manual hacking of victims. This second stage takes time. Attackers need to figure out which systems are worth their effort, and then they have to manually hack their way deeper, typically using Living Off the Land techniques to evade detection. This delay means the actual ransomware attack or data theft typically happens weeks or even months after threat actors gain initial access.”

The really practical findings by Bitdefender, the firm that released its monthly threat debrief for February 2025, are that organizations should strengthen three defenses against ransomware risks in general: prioritizing patching of actively exploited vulnerabilities; proactive threat hunting for hidden threats and backdoors; and combining EDR/XDR with SOC/MDR.

*Specified as “things like news reports and research – with data gathered by analyzing Data Leak Portals” where claims cannot be independently verified

Share:

PreviousNew ransomware group exploits firewall vulnerabilities: Is your affected firewall patched?
NextMindsprint Appoints Suresh Sundararajan as Chief Executive Officer

Related Posts

New cyber espionage campaign targets high ranking Israeli officials

New cyber espionage campaign targets high ranking Israeli officials

Friday, April 8, 2022

Watch out! Most Android apps vulnerable to the StrandHogg flaw

Watch out! Most Android apps vulnerable to the StrandHogg flaw

Wednesday, December 4, 2019

Are global organizations ready for 2022’s cybersecurity risks?

Are global organizations ready for 2022’s cybersecurity risks?

Wednesday, December 15, 2021

Cybersecurity risks related to US tariffs

Cybersecurity risks related to US tariffs

Monday, April 14, 2025

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    St Luke’s ElderCare enhances operations and capabilities through a centralized secure, scalable network

    With only a small IT team, the digital transformation has united operations across 30 locations, …Read more
  • Automating border control and security with facial recognition technology

    Automating border control and security with facial recognition technology

    Indonesia Immigration & Seaport Authorities enhances security and speeds up border control queues at Batam …Read more
  • Securing wealth advisory services without unnecessary friction: Endowus

    Securing wealth advisory services without unnecessary friction: Endowus

    The wealth advisory platform demonstrates its non-negotiable commitment to a robust security posture through partnering …Read more
  • LifeTech group sets up next-gen security operations center in Malaysia

    LifeTech group sets up next-gen security operations center in Malaysia

    By partnering with a unified cybersecurity platform, the firm will be offering cost-effective advanced SOC …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.