Aggregator

Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit designed to map out an organization’s

The post Frogy: The New Recon Tool That Maps and Prioritizes Your Entire Attack Surface appeared first on Penetration Testing Tools.

据统计，遭勒索软件威胁的受害者付款比例降至历史新低，仅有23%的遭入侵企业屈服于攻击者的勒索要求。除个别情况外，这一付款比例的下降延续了Coveware公司过去六年观察到的趋势。

2024年第一季度，付款比例为28%；尽管后续一段时间有所回升，但整体持续下滑，最终在2025年第三季度触及历史最低点。

一、付款率下降的核心原因

1. 企业针对勒索软件实施了更强大、更具针对性的防护措施。

2. 有关部门持续向受害者施压，呼吁其不要向黑客支付赎金。

Coveware表示：“网络防御人员、执法机构和法律专家应将这一现象视为集体努力取得成效的证明。”为预防攻击、降低攻击影响、成功应对网络勒索所做的每一份努力——每一笔避免支付的赎金，都在切断网络攻击者的生存空间。

2019-2022年内赎金支付的百分比

二、勒索软件攻击的关键趋势演变

1. 攻击模式：从单纯加密转向“双重勒索”

多年来，勒索软件团伙已从单纯的加密攻击，转向伴随数据窃取与公开泄露威胁的“双重勒索”模式。报告显示，2025年第三季度其监测到的攻击中，超76%涉及数据窃取——这已成为大多数勒索软件团伙的首要目标。

该报告指出，若仅统计不加密数据、仅窃取信息的攻击案例，付款率会骤降至19%，这也是该细分类型的历史最低记录。

2. 赎金金额：平均与中位数付款额双双下降

2025年第三季度的初始访问向量

据Coveware数据，2025年第三季度的平均赎金与中位数赎金较上一季度均有所下降，分别降至37.7万美元和14万美元。这一变化可能反映出大型企业正在修订赎金支付政策，意识到将资金用于加强防御、防范未来攻击更为合理。

3. 攻击目标：聚焦中型企业，大型企业仍存风险

研究人员还发现，2025年第三季度占所有记录攻击44%的Akira和Qilin等威胁团伙，已将重心转向中型企业——这类企业目前更有可能支付赎金。

利润下滑正促使勒索软件团伙采取更精准的攻击策略；随着利润率持续收缩，大型企业仍可能成为日益重要的攻击目标。

4. 攻击向量：远程访问与软件漏洞滥用加剧

过去一年另一显著趋势是，远程访问入侵已成为主要攻击向量，同时软件漏洞的滥用也大幅增加。

随着大型组织安全防护能力的提升，威胁者可能会更多依赖社会工程学攻击和招募内部人员，通过高额贿赂获取初始访问权限。

Microsoft has begun testing a new feature that enables simultaneous audio playback on two Bluetooth devices. This capability,

The post Finally: Windows 11 Tests Shared Bluetooth Audio on Two Devices, Starting with Copilot+ PCs appeared first on Penetration Testing Tools.

The Qilin ransomware group has once again claimed responsibility for a large-scale cyberattack. This time, the hackers allege

The post Qilin Ransomware Claims Hack on Japan’s Super Value Supermarket, Leaks Payroll & P&L Data appeared first on Penetration Testing Tools.

Microsoft is introducing an additional layer of protection in its Edge browser to defend users against scareware scams—malicious

The post Instant Block: Microsoft Edge Gains New Sensor for Faster Scareware Scam Protection appeared first on Penetration Testing Tools.

The Australian government has issued a warning about active cyberattacks targeting unprotected Cisco IOS XE devices used across

The post Cisco Router Crisis: Australian Gov Warns Hackers Reinfecting Systems with BadCandy Web Shell appeared first on Penetration Testing Tools.

Google DeepMind’s research division has announced the launch of the AI for Math Initiative, an ambitious global program

The post Beyond Human Intuition: DeepMind Launches Global AI for Math Initiative to Revolutionize Discovery appeared first on Penetration Testing Tools.

For over a year, programmer Harishankar Narayanan had been using his iLife A11 robot vacuum without incident—until he

The post House Spy: Robot Vacuum Halted Remotely After Engineer Blocks China Telemetry appeared first on Penetration Testing Tools.

KDE Plasma 6.5 has become one of the most significant updates in recent years for Linux users. The developers

The post Turning Point: KDE Plasma 6.5.1 Arrives, Fixing Dozens of Bugs to Welcome New Linux Users appeared first on Penetration Testing Tools.