Blog article

Weekly Digest Week 19 – 2025

Publication date

09.05.2025

Featured Story

LockBit Ransomware Hacked, Insider Secrets Exposed

LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a link to a leaked database. The data dump covers activities from December 2024 to April 2025, including negotiation chats, victim data, and internal operations.

SOC Analysis: This week’s headline story revolves around the breach of the LockBit ransomware gang’s infrastructure—a rare and ironic twist. It serves as a stark reminder: even cybercriminals are vulnerable when basic security practices are neglected. The breach offers a treasure trove of intelligence on insider tactics, affiliate behavior, and negotiation strategies—critical for enhancing defenses against ransomware attacks.

Other Stories

Attacks Surge Against Antiquated Routers

The FBI has issued an alert warning of renewed activity targeting outdated routers that are no longer updated. Threat actors are exploiting unpatched, end-of-life devices to gain entry into networks.

SOC Analysis: The FBI’s warning highlights the urgency of maintaining an accurate inventory of network hardware. Legacy devices often fly under the radar but remain deeply exposed. Regular audits, decommissioning unsupported devices, and keeping firmware updated are vital for cybersecurity hygiene.

One-Third of Online Users Hit by Account Hacks Due to Weak Passwords

New research from the FIDO Alliance indicates that more than a third of users have experienced account compromises due to weak or reused passwords over the past year.

SOC Analysis: Despite the rise of MFA and passkey adoption, passwords remain a major attack surface. The prevalence of weak or reused credentials underlines the need for strong password policies, widespread use of password managers, and multi-factor authentication.
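As an added illustration of the password controls the analysis recommends (example code written for this digest, not the FIDO Alliance's, Approach's or any vendor's), the following Python check rejects short, known-breached and reused passwords. The breached-password set and the SHA-256 history scheme are constructed assumptions for the example; a real deployment would consult a full breached-password corpus and keep password history under a slow hash.

```python
import hashlib
from typing import Iterable

# Constructed sample of strings that appear in public breach corpora
# (assumption for this example, not a real dataset).
KNOWN_BREACHED = {"password", "123456", "qwerty", "letmein", "Welcome1"}
BREACHED_SHA1 = {hashlib.sha1(p.encode()).hexdigest() for p in KNOWN_BREACHED}


def history_digest(password: str) -> str:
    """Digest kept for password-history comparison.

    Hypothetical scheme: plain SHA-256 for brevity. Production systems
    store history with a slow, salted hash (e.g. a proper password hash).
    """
    return hashlib.sha256(password.encode()).hexdigest()


def check_password(password: str, history: Iterable[str] = (),
                   min_length: int = 12) -> list[str]:
    """Return policy violations for a proposed password (empty list = accepted).

    history: digests (from history_digest) of the account's previous passwords.
    """
    problems: list[str] = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    # Compare by digest so the breached list never has to be held in plaintext.
    if hashlib.sha1(password.encode()).hexdigest() in BREACHED_SHA1:
        problems.append("appears in known-breached list")
    if history_digest(password) in set(history):
        problems.append("reuses a previous password")
    # Guard against trivially repetitive strings that pass the length rule.
    if len(set(password.lower())) < 5:
        problems.append("too few distinct characters")
    return problems


if __name__ == "__main__":
    previous = [history_digest("correct horse battery staple")]
    for candidate in ["Welcome1", "aaaaaaaaaaaaaaaa",
                      "correct horse battery staple", "purple monkey dishwasher"]:
        print(f"{candidate!r}: {check_password(candidate, previous) or 'OK'}")
```

The breached-list check is the one that catches strings like "Welcome1" that satisfy naive complexity rules; the reuse check is what a password manager makes unnecessary for users, since it generates a unique secret per site.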

EDR Bypass via “Bring Your Own Installer” in Ransomware Attack

A novel “Bring Your Own Installer” (BYOI) technique has been used to bypass EDR solutions, allowing attackers to deploy Babuk ransomware. SentinelOne recommends enabling the “Online Authorization” setting to mitigate the risk.

SOC Analysis: The emergence of BYOI underscores that sophisticated attackers can undermine trusted defenses by abusing legitimate installers. While EDR remains essential, it must be reinforced with layered defenses like threat intelligence, segmentation, access control, and user training.

Beware of Phishing Emails About the Argenta App

Fraudulent emails impersonating Argenta bank are circulating, urging users to update the Argenta app via a link that steals banking credentials. Always navigate to the official Argenta site directly.

SOC Analysis: Never click links in suspicious emails—especially those claiming to come from banks. Always access services directly via official websites or apps. Forward suspicious content to Safeonweb at verdacht@safeonweb.be, suspect@safeonweb.be, or suspicious@safeonweb.be. The SOC team is available for verification or assistance.
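The kind of check a mail gateway or awareness tool can run on a message like the Argenta lure, as an added example written for this digest (not code from Argenta, Safeonweb or the original article): extract every link and flag those whose host is not the bank's own domain. `bank.example` stands in for the real official domain, and the email text is constructed; both are assumptions for the example.

```python
import re
from urllib.parse import urlsplit

# Placeholder for the institution's real domain(s); assumption for this example.
ALLOWED_DOMAINS = {"bank.example"}

# Matches http(s) URLs up to the next whitespace or quote/angle bracket.
URL_RE = re.compile(r"""https?://[^\s<>"']+""")

# Constructed phishing sample: the first link abuses the real name as a
# subdomain, the second hides the real host behind a userinfo "@" prefix.
SAMPLE_EMAIL = """Dear customer, your app needs an update.
Update now: https://bank.example.app-update.example/login
Or via https://bank.example@login.app-update.example/
Official help: https://www.bank.example/help
"""


def host_is_allowed(host: str, allowed: set[str] = ALLOWED_DOMAINS) -> bool:
    """True only if host equals an allowed domain or is a subdomain of one."""
    host = host.lower().rstrip(".")  # normalise case and trailing dot
    return any(host == d or host.endswith("." + d) for d in allowed)


def suspicious_links(text: str, allowed: set[str] = ALLOWED_DOMAINS) -> list[str]:
    """Return the URLs in text whose host is not under an allowed domain."""
    flagged = []
    for url in URL_RE.findall(text):
        # urlsplit().hostname strips userinfo and port, so "bank.example@evil"
        # resolves to the host actually contacted, not the decoy prefix.
        host = urlsplit(url).hostname
        if host is None or not host_is_allowed(host, allowed):
            flagged.append(url)
    return flagged


if __name__ == "__main__":
    for url in suspicious_links(SAMPLE_EMAIL):
        print("suspicious:", url)
```

The point of the userinfo and subdomain cases is that a string match on the brand name would pass both; only the parsed hostname, compared against an allowlist by suffix, gives a reliable verdict.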
