Cybersecurity Today

Lockbit Is Back

Sep 29, 2025
In this discussion, LockBit 5.0 ransomware is revealed as a formidable new threat capable of simultaneous attacks on multiple platforms. A critical vulnerability in Salesforce's AI agents allows malicious prompts that can compromise sensitive data. The conversation also highlights the impressive advancements of China's Ministry of State Security under Xi Jinping, which pose increased risks to Western security. Additional insights point to operational vulnerabilities in the U.S. that may have amplified these risks, underscoring the urgent need for enhanced cybersecurity measures.
INSIGHT

LockBit Targets Entire Enterprise Stacks

  • LockBit 5.0 can attack Windows, Linux, and VMware ESXi in a single campaign, expanding impact across entire enterprise stacks.
  • Re-engineering, speed, and ESXi backup targeting make it far more dangerous than prior variants.
INSIGHT

In-Memory Loads And Speed Are Weapons

  • The Windows build uses DLL reflection to load malicious code directly into memory, evading anti-malware detection.
  • Faster encryption shrinks detection and response windows, turning speed into a tactical weapon.
ADVICE

Prepare For Revived Affiliate Campaigns

  • Monitor affiliate programs and hardened platforms to detect reactivated ransomware frameworks early.
  • Prepare incident response for rapid, multi-platform encryption and compromised backups.