Cyber Safety
Posts
Revived Black Basta Tactics & DDoS on Finance

Revived Black Basta Tactics & DDoS on Finance

June 11, 2025

In partnership with

Former Black Basta Operatives Revive Tactics with Python and Teams in Bold New Cyberattacks!

In a striking evolution of cybercriminal tactics, former members of the notorious Black Basta ransomware group are back in action, employing familiar methods with a tech twist in 2025. According to a report by ReliaQuest, these attackers are utilizing Microsoft Teams and Python scripts to enhance their phishing efforts and maintain access to targeted networks. Key highlights include:

• Familiar Techniques: Email bombing and Teams phishing remain prominent, now supplemented by Python script execution.
• Emerging Threat: Over half of observed Teams phishing attacks came from onmicrosoft.com domains, allowing stealthy impersonation of legitimate traffic.
• New Alliances: There's speculation that these former affiliates may have joined or formed new groups, likely the CACTUS RaaS.

As cyber threats morph and multiply, it's clear that both innovation and deception remain at the heart of ransomware attacks, challenging organizations to stay vigilant and adaptive.

Optimize global IT operations with our World at Work Guide

Explore this ready-to-go guide to support your IT operations in 130+ countries. Discover how:

Standardizing global IT operations enhances efficiency and reduces overhead
Ensuring compliance with local IT legislation to safeguard your operations
Integrating Deel IT with EOR, global payroll, and contractor management optimizes your tech stack

Leverage Deel IT to manage your global operations with ease.

Download free guide

Prepare Your Team: Master AI-Powered Cybersecurity Training for Tomorrow's Threats!

In an era where AI-driven cyberattacks are on the rise, traditional cybersecurity training is losing its effectiveness. The article highlights the urgent need for organizations to shift from mere awareness to proactive readiness in their cybersecurity approaches. Here are key insights:

• AI Threat Growth: Cyberattacks are projected to increase by 63% annually, with AI-generated phishing emails achieving a staggering 30-44% success rate.
• Training Shortcomings: Traditional programs often use outdated content and lack the adaptability required to combat evolving threats.
• Emphasis on Readiness: Organizations need continuous, automated training that builds instincts through realistic simulations tailored to individual vulnerabilities.
• Micro-Learning: Bite-sized training sessions enhance retention and engagement.

To effectively combat emerging threats, the article champions CybeReady’s fully automated, personalized cybersecurity training platform—designed specifically for the AI era. With the stakes higher than ever, now is the time for businesses to transform their cybersecurity training and be truly AI-ready!

Financial Firms Under Siege: DDoS Attacks Surge as Cybercriminals Get Craftier!

DDoS attacks are on the rise, particularly targeting financial services firms, as cybercriminals increasingly seek to cripple organizations’ networks. A recent study by the Financial Services Information Sharing and Analysis Center (FS-ISAC) and Akamai has revealed alarming trends:

• DDoS incidents surged dramatically from 2014 to 2024, peaking at 350 events in October.
• The financial sector is the primary target, facing both website and API attacks.
• Attacks have evolved from basic flooding to sophisticated, multi-dimensional assaults that exploit complex vulnerabilities.

While some firms successfully mitigate these disruptions, the sophistication of attacks poses new challenges. Cybercrime-as-a-service is making it easier for perpetrators to launch these attacks, complicating the defense landscape for financial institutions. As DDoS attacks become more advanced, these firms must continuously innovate their security strategies to safeguard against future threats.

Unlocking Cyber Resilience: Why Strong DNS Security is Your Best Defense!

In the realm of cybersecurity, one component often overlooked is the Domain Name System (DNS), yet it serves as a crucial first line of defense against cyber threats. Understanding and securing DNS is essential, as attackers frequently exploit its vulnerabilities.

Key takeaways include:

• Critical Role: DNS translates user-friendly domain names into numerical IP addresses, facilitating every online interaction.
• Target for Attacks: Unsecured DNS can lead to DNS spoofing, hijacking, tunneling, and DDoS attacks, risking entire businesses.
• Proactive Defense: Monitoring DNS traffic allows organizations to detect and neutralize threats earlier, enhancing overall security.

With DNS security not just an option but a necessity, providers like ClouDNS offer advanced features such as DDoS protection and DNSSEC to fortify defenses. Prioritizing DNS security is vital for maintaining a trustworthy digital presence in an increasingly complex cyber landscape.