

Lockbit Is Back
Sep 29, 2025
In this discussion, LockBit 5.0 ransomware is revealed as a formidable new threat capable of simultaneous attacks on multiple platforms. A critical vulnerability in Salesforce's AI agents allows malicious prompts that can compromise sensitive data. The conversation also highlights the impressive advancements of China's Ministry of State Security under Xi Jinping, posing increased risks to Western security. Additional insights point to operational vulnerabilities in the U.S. that may have amplified these risks, underscoring the urgent need for enhanced cybersecurity measures.
AI Snips
LockBit Targets Entire Enterprise Stacks
- LockBit 5.0 can attack Windows, Linux, and VMware ESXi in a single campaign, expanding impact across entire enterprise stacks.
- Re-engineering, speed, and ESXi backup targeting make it far more dangerous than prior variants.
In-Memory Loads And Speed Are Weapons
- The Windows build uses DLL reflection to load malicious code directly into memory, evading anti-malware detection.
- Faster encryption shrinks detection and response windows, turning speed into a tactical weapon.
Prepare For Revived Affiliate Campaigns
- Monitor affiliate programs and hardened platforms to detect reactivated ransomware frameworks early.
- Prepare incident response for rapid, multi-platform encryption and compromised backups.