Archive

August 29, 2025 This blog is brought to you by a research collaboration with our CTI colleagues and friends at LastPass.

August 5, 2025 Bottom-Line Up Front (BLUF): We have observed Akira affiliates exploiting two common drivers as part of a suspected AV/EDR evasion effort following initial access involving SonicWall ab…

July 10, 2025 Ransomware continues to escalate, driving a more fragmented and aggressive threat landscape.

May 8, 2025 Background Organizations often call on GuidePoint Security analysts to support and consult on Digital Forensics and Incident Response (DFIR) efforts, focusing on remediation, recovery, and…

April 10, 2025 Ransomware continues to surge, reshaping the threat landscape.

April 8, 2025 Executive Summary Since RansomHub’s emergence in early 2024, the group has become the most prolific Ransomware-as-a-Service group operating today.

March 6, 2025 Key Takeaways During the period covered by the Black Basta leaked chat logs (18 September 2023 – 28 September 2024), we observed the following We observed at least 47 cryptocurrency wa…

March 4, 2025 In early March 2025, GRIT received reports from multiple organizations regarding suspicious physical letters delivered by mail from US addresses to members of their executive team.

February 18, 2025 Ransomware threats continue evolving, with the most successful groups refining their tactics to maximize impact over the last year.

February 4, 2025 2024 saw an unprecedented surge in vulnerability disclosures, with over 39,000 vulnerabilities published.

January 29, 2025 Editor’s note: We will continue to provide updates as further information is forthcoming.

January 28, 2025 This blog marks the beginning of a series based on the findings in the GRIT 2025 Ransomware and Cyber Threat Report.