Stay ahead with CYFIRMA’s Monthly Ransomware Report – July 2025.CYFIRMA’s July 2025 Ransomware Report recorded 504 global victims, a 7.5% rise from June, reflecting sustained threat levels. Qilin remained the most active, while Incransom and SafePay surged. Interlock introduced FileFix, a stealthy Windows UI-based delivery method; GLOBAL GROUP launched an AI-powered RaaS; and Gunra expanded to Linux with multithreaded encryption. Emerging actors like Dire Wolf and D4RK4RMY focused on data leaks and ideological messaging, moving beyond traditional encryption. Scattered Spider escalated attacks on VMware ESXi through social engineering. The U.S., Canada, and the UK were top targets, with consumer services, professional services, and manufacturing sectors hit hardest. Attackers increasingly leverage native OS tools, cloud abuse, and MFA fatigue to evade detection.Link to the Research Report: https://www.cyfirma.com/research/tracking-ransomware-july-2025/#CyberSecurity #Ransomware #ThreatIntel #ETLM #CYFIRMA #Qilin #SafePay #Interlock #GLOBALGROUP #Gunra #DireWolf #D4RK4RMY #ScatteredSpider #CYFIRMAresearch #ExternalThreatLandscapeManagement #APT #LinuxRansomwarehttps://www.cyfirma.com/

Ver todos los episodios