You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
ransomware defense
About this tag
Ransomware defense on Windows systems requires vigilance against novel attack techniques that abuse trusted collaboration platforms. A recent DragonForce ransomware campaign against a U.S. services company in December 2025 hid command-and-control traffic inside Microsoft Teams relay infrastructure using a custom Go backdoor tracked as Backdoor.Turn. This approach exploits the trust granted to legitimate Microsoft services, making outbound traffic appear clean while enabling deep compromise. For Windows defenders, this highlights the need to monitor behavioral anomalies rather than relying solely on brand-name traffic. Ransomware groups are evolving from noisy intrusions toward bespoke tooling, demanding updated defense strategies that account for abuse of legitimate collaboration plumbing.
Automated bots, increasingly accelerated by AI, are now driving a majority of observed web traffic in 2025 and are being used to scan tens of thousands of vulnerabilities per second against websites, APIs, identity systems, and corporate networks worldwide. The uncomfortable lesson is not that...
Attackers deploying DragonForce ransomware against a major U.S. services company in December 2025 hid command-and-control traffic inside Microsoft Teams relay infrastructure using a custom Go backdoor tracked by Symantec as Backdoor.Turn. The technical novelty is not that Teams was “hacked,” but...