2025 brings us close to an interesting milestone - ransomware attacks, in their current, enterprise-focused form, are almost a decade old. These attacks are so common today, it's impossible to report on all of them. There are signs of hope, however - ransomware payments are significantly down. There are also signs defenders are getting more resilient, and are recovering more quickly from these attacks.

Today, with Intel471's Mike Mitchell, we'll discuss what defenders need to know to protect against today's ransomware attacks. He'll share some stories and anecdotes from his experiences with customers. He'll also share some tips, and tricks for successful hunts, and how to catch attacks before even your tools trigger alerts.

Segment Resources:

• https://intel471.com/blog/how-ransomware-may-trend-in-2025

And now, for something completely different!

I've always urged the importance for practitioners to understand the underlying technology that they're challenged with defending. When we're yelling at the Linux admins and DevOps folks to "just patch it", what does that process entail? How do those patches get applied? When and how are they released in the first place?

This is often one of the sticking points when security folks get nervous about "going open source", as if 90% of the code in their environments doesn't already come from some open source project. It's a legitimate concern however - without a legal contract, and some comfort level that a paid support team is actually going to fix critical vulnerabilities, how do we develop trust or a relationship with an open source project?

In this interview, benny Vasquez, the Chair of the board of directors for AlmaLinux, will fill in some of the gaps for us, and help us understand how an open source project can not only be trusted, but in many cases may be more responsive to security teams' needs than a commercial vendor.

Segment Resources:

• benny's 'highly scientific' survey on cloud vs on-prem usage across AlmaLinux users

In the enterprise security news,

1. Why is a consulting firm raising a $75M Series B?
2. A TON of Cybereason drama just dropped
3. Skybox Security shuts down after 23 years
4. The chilling effect on security leaders is HERE, and what that means
5. IT interest in on-prem, does NOT mean they’re quitting the cloud
6. Updates on the crazy Bybit heist
7. the state of MacOS malware
8. Skype is shutting down
9. Mice with CRISPR’ed woolly mammoth fur is NOT the real life Jurassic Park anyone was expecting

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-397