CyberSecurityBoard
Sponsor Register Login

GLOBAL GROUP RaaS Operators Enable AI-driven Negotiation Functionality

GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its June 2025 launch, demonstrating rapid operational scaling through automated systems and strategic partnerships with Initial Access Brokers. The group also utilizes brute-force tools targeting Microsoft Outlook Web Access and RDWeb portals, enabling rapid deployment while bypassing traditional endpoint detection systems. Partnerships with Initial Access Brokers and brute-force tools targeting VPN/Outlook systems accelerate deployment while bypassing EDR detection. GLOBAL GROUP launched in June 2025 as a rebranded Black Lock RaaS operation, claiming 17 victims across the US, UK, Australia, and Brazil.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 15 Jul 2025 13:35:13 +0000


Cyber News related to GLOBAL GROUP RaaS Operators Enable AI-driven Negotiation Functionality

Rise in RaaS Operations and Implications for Business Security - Recently, there had been news regarding the cyber-attack in a Japanese port, that blocked the smooth transfer of goods - a hack in a Las Vegas resort which led to malfunction in slot machines and guest check-ins and a whopping $100 million loss, and ...
1 year ago Cysecurity.news
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
2 weeks ago Cybersecuritynews.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
9 months ago Securelist.com
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
1 year ago Go.theregister.com Qilin
Cybercrime experts reveal how to infiltrate ransomware gangs The Register - Though it happens rarely, it's always a good day when a ransomware group is taken down by law enforcement. Singapore-based Group-IB celebrated its 20th anniversary in the cybersecurity industry this year, and during this time its researchers have ...
1 year ago Theregister.com Qilin
GLOBAL GROUP RaaS Operators Enable AI-driven Negotiation Functionality - GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its June 2025 launch, demonstrating rapid operational scaling through automated systems and strategic partnerships with Initial Access ...
5 hours ago Cybersecuritynews.com
Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
2 years ago Securityweek.com
CVE-2022-48895 - In the Linux kernel, the following vulnerability has been resolved: ...
6 months ago
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Ransomware Mastermind Uncovered After Oversharing on Dark Web - When researchers responded to an ad to join up with a ransomware-as-a-service operation, they wound up in a cybercriminal job interview with one of the most active threat actors in the affiliate business, who turns out to be behind at least five ...
1 year ago Darkreading.com
security and privacy in Facebook groups - Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by ...
1 year ago Securityboulevard.com
Pathfinder AI - Hunters Announces New AI Capabilities with for Smarter SOC Automation - “Hunters has already made a significant impact on our security operations by reducing manual investigations, streamlining data ingestion, and improving threat visibility. Unlike static rule-based automation, Agentic AI dynamically adapts, ...
4 months ago Cybersecuritynews.com Hunters
NCC Group records the most ransomware victims ever in 2023 - While coordinated law enforcement action and government initiatives helped in the fight against ransomware last year, NCC Group still recorded an 84% increase in attacks during 2023. The report included data from NCC Group's Cyber Incident Response ...
1 year ago Techtarget.com Rocke 8base LockBit BianLian Medusa
LockBit Ransomware Affiliate Sentenced to Prison in Canada - A Russian-Canadian national was sentenced to nearly four years in prison in Canada for his role in the LockBit ransomware operation. The man, Mikhail Vasiliev, 34, was arrested in October 2022 in his home in Bradford, Ontario. In February 2024, he ...
1 year ago Securityweek.com LockBit
BlackLock Emerging As a Major Player In RaaS With Variants for Windows, VMWare ESXi, & Linux Environments - Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and sophisticated anti-detection techniques to ...
4 months ago Cybersecuritynews.com LockBit Ransomhub
Driven Technologies Expands Expertise With Acquisition of ieMentor - PRESS RELEASE. NEW YORK, Jan. 3, 2024 /PRNewswire/ - Driven Acquisition Inc, DBA Driven Technologies, a NY based leading cybersecurity and cloud service provider, today announced the acquisition of ieMentor, a Cisco Gold Partner with multiple ...
1 year ago Darkreading.com
Notorious Black Basta Tactics, Techniques and Procedures Uncovered From Leak - This security breach rivals the 2022 leaks that affected the Conti ransomware gang and has given threat intelligence experts valuable information about Black Basta’s capabilities, tools, and motivations. According to threat hunters at Intel471 ...
4 months ago Cybersecuritynews.com Black Basta Hunters
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Strata Identity Reins in Global Access and Compliance Challenges With Cross-Border Orchestration Recipes - PRESS RELEASE. BOULDER, Colo., Feb 15, 2024 - Strata Identity, the Identity Orchestration company, today announced Global Access Orchestration Recipes that manage the complex identity relationships and processes associated with meeting data ...
1 year ago Darkreading.com
Dragon RaaS Leading 'Five Families' Crimeware With New Initial Access & Exploitation Methods - A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation ...
3 months ago Cybersecuritynews.com
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals - Unlike many competitors, RansomHub implemented a business model that directed ransom payments either directly to affiliates or split them at the point of transaction, significantly reducing the risk of “exit-scamming” – a common problem ...
3 months ago Cybersecuritynews.com Dragonforce Black Basta Ransomhub
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks - U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service group and developed a decryption tool that will help more than 500 victims regain access to their encrypted data ...
1 year ago Securityboulevard.com
Ukrainian hackers disrupt internet providers in Russia-occupied territories - Ukrainian hackers have temporarily disabled internet services in parts of the country's territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service attack ...
1 year ago Therecord.media
DragonForce Ransomware Empowers Affiliates with Modular Toolkit to Create Custom Ransomware Payloads - Cyber Security News - Additionally, the system includes stealth-optimized encryption algorithms designed to bypass endpoint detection and response solutions, multilingual victim portals for global operations, and comprehensive affiliate support including technical ...
2 weeks ago Cybersecuritynews.com Dragonforce LockBit
Cisco and Megaport Simplify Cloud Networking with Pay-As-You-Go Model - In the ever-evolving world of digital connectivity, Cisco continues to pave the way with innovative solutions not just centered around technological advances, but also around how those advances can easily be consumed by customers. Integrating Cisco ...
1 year ago Feedpress.me

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)