The Growing Menace of Ransomware in 2025

In 2025, ransomware remains a relentless cyber threat, with attackers refining their strategies to maximize damage. Unlike earlier variants, modern ransomware combines advanced encryption with cunning infiltration methods, targeting organizations’ most valuable assets. Criminals demand steep cryptocurrency ransoms, leaving victims weighing financial ruin against data loss. Austin Gomez at InfoSecDigest.com recently explored data on Ransomware.live which is a cybersecurity resource created by security researcher Julien Mosqueton. We examined several recent attacks, and identified a striking trend. A clear shift has emerged: attackers now prioritize small and medium-sized enterprises (SMEs) over large corporations. For example, a regional accounting firm in Ohio, was hit in January 2025, losing decades of tax records after attackers exploited an unpatched server. Similarly, a family-owned manufacturer in Texas faced a “double extortion” attack in February, where hackers encrypted production systems and leaked client contracts online after the ransom went unpaid. Another case saw a rural school district in Montana crippled in March, with student records held hostage via malware delivered through a compromised third-party app. These examples highlight the pivot to softer targets—SMEs often lack the dedicated IT teams or budgets of bigger firms. Attackers infiltrate via outdated software, weak passwords, or third-party vendors, then escalate…

Continue reading
Beware: Physical Letter Scams Targeting Executives Pretend to Be BianLian Group

On March 6th, 2025, the FBI dropped a heads-up about a sneaky scam hitting mailboxes across the U.S. This time, it’s not your typical email phishing nonsense—crooks are sending physical letters to corporate bigwigs, pretending to be the infamous BianLian Group. You know, those ransomware pros who’ve been making headlines for all the wrong reasons? Thing is, there’s no solid proof these letters actually come from BianLian. Seems like some opportunists are just borrowing the name to sound scary. The game plan here is pretty obvious: trick executives—the folks who can sign off on big money moves—into wiring cash straight to the scammers. It’s a bold phishing play, skipping the usual “encrypt your files” ransomware routine for something more old-school. And honestly, that’s what makes it so wild—it’s a letter you can hold, not just some sketchy link in your inbox. So, what’s a corporate exec supposed to do when the mail turns into a minefield? First off, get everyone in the company clued in with some solid cybersecurity training. I’m talking workshops or quick sessions where the team learns how to spot a scam from a mile away. Weird phrasing, demands for cash out of nowhere, or anything that…

Continue reading