News & Commentary

As ransomware attacks increased, paid ransoms decreased 📉

So…there’s good news and bad news. 😅

The bad news is that ransomware attacks noticeably spiked in the second half of 2024. The good news? Ransoms that victims paid via cryptocurrency fell by 35% year over year, down to $814 million from $1.25 billion in 2023.

Analysts seem to think a primary reason for the decline in payments is due to law enforcement taking action. You might remember hearing about Operation Cronos early last year, which effectively halted the ransomware group LockBit in its tracks. This operation alone made payments to LockBit tank by 79%. We’ve also enforced actions and sanctions against cryptocurrency laundering services, making it harder for bad actors to process paid ransoms while remaining anonymous. Also, more victims decided enough was enough, and many flat-out refused to pay ransoms.

An attack is only as effective as its aftermath. If everyone collectively stopped paying ransoms, there’d be few (if any) ransomware attacks. Of course, it’s easy to say that paying any ransom is a bad idea…until you’re the victim. It instantly becomes a harder decision to make—but it’s nice to see that we’re trending in the right direction.

Salt Typhoon sets its sights on Cisco devices 🌎

China-based APT Salt Typhoon (or RedMike) recently ran a campaign that targeted telecommunications companies, ISPs, and universities on six continents. By exploiting known vulnerabilities (as in, known since 2023) in Cisco’s IOS XE software, the group was able to compromise more than 1,000 Cisco devices. The group knows no bounds, either, as they’re also actively targeting some of the top universities in the United States (where cutting-edge research often happens) and other countries.

Recorded Future’s write-up on this campaign surfaces a great point:

It’s a point I’ve brought up quite a few times: What happens on the internet is no longer contained to the four corners of our monitors. Cyberattacks have real-world consequences, including the ability for hackers to access critical communications networks and bring them down at the drop of a hat.

In this case, there’s an easy solution: patch. (Surprised? I know, me neither.) But even that can be tricky for some to adhere to. For example, while universities are lucrative targets for threat actors, they’re often woefully understaffed in terms of cybersecurity personnel. And even those universities without a staff shortage may face difficulties when it comes to patching, such as using outdated systems where threats are mitigated, not patched.

The TL;DR here: Ugh. 😅

Calling all creatives: Cybersecurity might be just the field for you 💼

I came across an article that was validating for me as someone who preaches that anyone can break into cybersecurity—especially those who think they can’t.

And perhaps ironically, it’s an article about our frenemy, AI. 😆

To embark on a cybersecurity career, it’s great to have an element of creativity. Zooming out of a situation to see the big picture. Anticipating next steps, like an intense chess match that makes you clench your jaw. Asking “what if…” and “is it possible…” using the data we do have to predict the data we don’t have.

And you know who’s really good at doing those things and asking those questions? That’s right: creatives.

Anyone can look at logs and be trained to analyze them. Like the article mentions, it’s why AI excels at reviewing logs: It’s good at finding patterns, analyzing large datasets, and knocking out repetitive tasks. It’s not that great at thinking outside the box. But humans are, especially creative ones.

This is for all the arts and humanities majors and lovers who think their right-brainedness automatically cheats them out of a career in cybersec. There’s a place for you here too, friends! 😁

Sponsor

Just Released: The 2025 IT Risk and Compliance Report

It's no secret that IT risks are out there, but how are organizations responding? Each year, we ask over 1,000 risk and compliance professionals about their pain points, budgets, staffing, risk management best practices, and much more to provide an in-depth view of the market’s current state and what to expect for the coming year. A must-read for IT risk, compliance, and security professionals, click below to see the most up-to-date trends affecting the industry today.

The State of Cybercrime

A documentary-style look at cybercrime in 2024.

Today’s cybercrime barely resembles the hackers-in-basements portrayals we saw in years past. Now, it’s a thriving industry—an entire ecosystem of threat actors, malware, and exploits—with real-world implications that blur the lines between virtual and reality.

Watch this video for insights and explorations on cybercrime from the experts who’ve taken down these bad actors—one threat at a time.

Just Hacking Training 🤓
February Announcements

It’s gosh darned cold outside, but JHT is bringing the heat. 🔥

How about some WMD w/ a prior US SpecialOps Cyber Operator? Hellz yeah! DEF CON Trainer & Black Badger Dahvid Schloss teaches Windows Malware Dev in "WMD 1", the first of 3 in the WMD Path. As we do with all of our new courses, we have a Special Release Offer of 20% off $150 for ONLY $120! ⌛

With a quick introduction to C2s and shell code, you’ll jump right into Visual Studio and start coding in C++ and Python right away! Don’t worry, expert guidance along with 3+ hours of video are provided to help you succeed. 🧠

Speaking of 20% Off, the launch deal is still in effect for my course, Dark Web & Cybercrime Investigations. 😉 Get a gentle intro to the dark arts for ONLY $100!

Additional training releases this month include a Hack-Along (HAL) and Free Upskill Challenges (UCs):

• HAL - Data Recovery Advanced (ShadowMe #4) by Ali Hadi

• UC - Help Desk by Kevin Apolinario

• UC - Red Teaming by Rob Fuller AKA Mubix

• UC - Reverse Engineering Software by Atlas

• UC – Signals by Ross Flynn

On deck for March 2025 and beyond!

• Level Up OSINT Course by Mishaal Khan

• WMD 2 and 3 Courses by Dahvid Schloss

• MADS Vol 3, 4 and 5 Courses by Slavi Parpulev

• HAL – OWASP API Top 10 Part 1 of 3 by Katie Paxton-Fear

• Numerous courses, HALs, UCs & CTFs

With new content released twice a month throughout 2025, bi-monthly livestreams with our experts and even some “Name Your Price” options, JHT provides "Focused Technical Training for All Levels" to advance your career regardless of experience level or budget.

Come hang out with us hackers in Discord and engage with me, our All-Star instructors, students, and the rest of our community.

To appease the Email Overlords, I ask new subscribers to reply to an email from me with their best joke (to make sure future newsletters don’t land in spam). And yet again, you all did not disappoint. 🤣

Here are a few of my favorite replies that landed in my inbox this month.

Love this thing? Have some pointers on how I can make it better? Please reply to this email and let me know. I really want these newsletters to be worth reading to you, and your feedback makes that possible!

Hope to hear from you soon!