The US extradites LockBit ransomware developer, Rostislav Panev, from Israel. Learn how his arrest impacts the fight against cybercrime and understand LockBit’s devastating impact.

The United States has achieved a significant victory in its ongoing battle against cybercrime with the extradition of Rostislav Panev, a 51-year-old dual Russian and Israeli national, who is accused of being a key developer of the notorious LockBit ransomware. 

Panev is alleged to have been deeply involved in the development and maintenance of the LockBit ransomware from its inception around 2019 until at least February 2024. During this period, he and his co-conspirators are believed to have transformed LockBit into what the Department of Justice (DoJ) describes as “the most active and destructive ransomware group in the world.”

The group, operating as a ransomware-as-a-service (RaaS) model, is believed to have targeted over 2,500 victims across at least 120 countries, including approximately 1,800 victims within the United States. These victims spanned across critical sectors, encompassing hospitals, schools, and government agencies, causing widespread disruption and financial losses.

The financial impact of LockBit’s activities is staggering. According to the DoJ, the group successfully extracted at least $500 million in ransom payments, while causing billions of dollars in additional losses through lost revenue and recovery costs. Evidence uncovered by law enforcement indicates Panev’s direct involvement in the development of tools that facilitated these attacks.

“The LockBit group attacked more than 2,500 victims in at least 120 countries around the world, including 1,800 in the United States. Their victims ranged from individuals and small businesses to multinational corporations, including hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies,” the DoJ’s press release revealed.

Authorities discovered administrator credentials on his computer, granting access to a dark web repository containing the source code for multiple versions of the LockBit builder, which enabled affiliates to generate custom malware.

They also found source code for the StealBit tool, used to exfiltrate stolen data, and evidence of direct communications between Panev and Dmitry Yuryevich Khoroshev, the alleged primary administrator of LockBit. They were charged by the DoJ, discussing development work on the LockBit builder and control panel.

Furthermore, financial records revealed cryptocurrency transfers exceeding $230,000 from Khoroshev to Panev between June 2022 and February 2024, providing concrete evidence of their financial relationship. In interviews with Israeli authorities, Panev reportedly admitted to performing coding, development, and consulting work for LockBit, confirming the regular cryptocurrency payments he received.

Panev’s extradition from Israel, where he was apprehended in August 2024 following a US provisional arrest request, marks a crucial step in holding individuals accountable for their roles in the devastating ransomware attacks that have plagued organizations worldwide. He has since appeared before a US magistrate and will remain detained pending his trial.

Top/Featured Image: Pixabay/Maxleron

The Hague, the Netherlands, March 13th, 2025, CyberNewsWire

Founded in 2024, Modat – the European-crafted, research-driven, AI-powered cybersecurity company, has announced the launch of its premier product, Modat Magnify.   

Designed by and for cybersecurity professionals, the team behind the product aims to speed up the lives of these individuals easier by giving them access to the largest Internet ‘Device DNA’ dataset available. The ‘Device DNA’ catalogues the essential attributes of each internet-connected device to create a unique profile.

• FAST. AI-powered for unparalleled speed. Continuously scanning the entire internet and identify adversary infrastructure in real-time. 
• SMART. Research enhances the development of the platform and offers contextualized data, historical context, and predictive insights. 
• EASY. User-centric UI designed from firsthand experience as cybersecurity professionals From the initial query to the findings result pages, easy-to-filter, read and use.  

“It starts with research to gain insight and build,” says Soufian El Yadmani, CEO & Founder of Modat. “Offensive and defensive professionals shared what solutions they need to be faster and to focus on what they do best. Scanning the internet is just a beginning. Speed, contextual data, and insight is vital to our products and services. Our ‘Device DNA’ gives value in the results to increase proactive efforts and build cyber resilience.” 

“Protecting your country takes clear insight into internet connected devices. Modat helps you to protect your country’s infrastructure with this insight,” emphasized Vincent Thiele, COO & Co-Founder of Modat. “We support communities to improve the health of the Internet and deliver products to help make the internet a safer place.”

Recent research covered by 35+ media outlets Global Impact:

Users can learn more:

Pricing & Access:  

• FREE:  covers most basic use cases. Solid start for many security professionals 
• Practitioner: €20/m  
• Professional: €60/m 
• Business: €400/m 
• Enterprise: tailored solutions for more complex needs of organisations and governments 

About Modat

Modat, founded in 2024 is the European-crafted, AI-powered, research-driven cybersecurity company dedicated to helping security professionals outpace adversaries and stay ahead of evolving threats. Their flagship product, Modat Magnify, provides access to the world’s largest Internet “Device DNA” dataset.  

Modat was created by researching, listening to, and directly experiencing the needs and challenges of security professionals. Their products enable the security community by giving access to unparalleled speed, contextualized data, and predictive insights.  

By design, the Modat Magnify platform helps offensive and defensive professionals by giving them a fast, smart, easy way to stop searching and start finding. Our ‘Device DNA’ catalogues the essential attributes of each internet-connected device to create a unique profile to support proactive cybersecurity. 

Modat empowers individuals, companies, and governments to strengthen their security posture and increase cyber resiliency. The team actively joining the fight to get ahead of cyber-attacks by narrowing the growing gap between digital threats and resilience. Join us to outpace and outlast.

Contact:

modat.io

LIn:

Bluesky:

For quotes/to schedule an interview, users can reach: 

Soufian El Yadmani – CEO & Founder 

Email: [email protected]  

LinkedIn: 

Vincent Thiele – COO & Co-Founder 

Email: [email protected]  

LinkedIn:

Contact

Head of Marketing
Bessie Schenk
Modat
[email protected]

Cary, North Carolina, March 13th, 2025, CyberNewsWire

As Artificial Intelligence (AI)-powered cyber threats surge, INE Security, a global leader in cybersecurity training and certification, is launching a new initiative to help organizations rethink cybersecurity training and workforce development. The company warns that AI is reshaping both the threat landscape and the skills required for cybersecurity professionals. While AI offers significant advantages in cyber defense, organizations must ensure their teams are properly trained to leverage it effectively without becoming overly reliant on automation.

“The rise of AI in cybersecurity isn’t just a challenge—it’s an opportunity,” said Dara Warn, CEO of INE Security. “By training cybersecurity professionals properly, AI can be leveraged to filter noise, reduce burnout, and increase efficiency. However, if we don’t train people to understand the ‘why’ behind AI-driven decisions, we risk a future where cybersecurity professionals are blindly following AI without the expertise to think critically beyond it.”

AI as a Force Multiplier: Improving SOC Efficiency and Threat Detection

AI-driven security tools are improving the signal-to-noise ratio, making Security Operations Centers (SOCs) more efficient by reducing false positive alerts—an area cybersecurity tools have been refining for over a decade. AI can prioritize critical threats, allowing analysts to focus on real dangers rather than wasting time investigating false alarms.

“AI is making threat detection smarter, but it’s not foolproof,” said Tracy Wallace, Director of Content at INE Security. “Security professionals need to be trained to work alongside AI, not just follow its outputs. AI is great at reducing alert fatigue, but analysts still need the expertise to investigate, interpret, and respond to threats accurately.”

Generative AI: A Double-Edged Sword for Cybersecurity Talent

One of the most promising yet complex aspects of AI’s rise is its impact on the cybersecurity workforce. On one hand, generative AI will lower the barrier to entry, allowing more professionals to enter the cybersecurity field and reducing the global labor shortage. 

However, this shift also presents risks. “The concern isn’t that AI is making cybersecurity easier,” said Wallace. “The concern is that if professionals become too dependent on AI outputs, they won’t develop the critical-thinking skills necessary to work beyond what the AI gives them. Organizations must ensure that cybersecurity training teaches professionals not just how to use AI but how to work independently of it when needed.”

The Data Privacy Dilemma: AI and LLM Security Risks

Another concern in AI-driven cybersecurity is data privacy and security risks with large language models (LLMs). While concerns over data leakage with cloud-based AI models are growing, this isn’t a new challenge—it’s an evolution of longstanding security principles. Organizations must ensure AI-powered security solutions do not require external data sharing.

“As AI becomes more deeply integrated into cybersecurity operations, privacy-first security architectures are crucial,” said Wallace. “Organizations need AI models that can operate securely without exposing sensitive data to external systems.”

The Future of AI Security Training: Agentic Architectures and AI-Driven Automation

Looking ahead, Agentic AI architectures are becoming a hot topic in cybersecurity. While some view it as buzzword hype, there is real potential for AI-driven security agents that autonomously investigate threats, adjust defenses in real-time, and improve security workflows with minimal human intervention.

However, automation must be carefully balanced. “Agentic AI might be the future, but we can’t let it replace hands-on expertise and human decision-making,” said Warn. “Security professionals must be trained to interpret AI-driven insights, make judgment calls, and recognize when AI is wrong.”

Training as the Solution: INE Security’s AI-Powered Cybersecurity Curriculum

To close the cybersecurity skills gap and help professionals work effectively with AI, INE Security is working to expand its AI-driven training programs. These programs will focus on:

• AI-Driven Threat Analysis – Training security teams to interpret AI-generated threat intelligence and reduce false positives.
• Machine Learning for Cyber Defense – Teaching professionals how AI-powered security models work and how attackers exploit AI vulnerabilities.
• Generative AI in Cybersecurity – Helping cybersecurity teams understand the risks and benefits of AI-generated attacks and defenses.
• Hands-On AI Security Labs – Simulating real-world AI-powered attacks and training professionals on how to counter them manually and with AI assistance.

“Our end goal is not just to train security professionals how to use AI but to train them how to think critically in an AI-driven world,” said Wallace. 

The Call to Action: Prepare for AI-Driven Threats Now

With AI transforming cybersecurity threats at an unprecedented pace, INE Security urges companies to:

• Train their cybersecurity teams on AI-driven tools, while ensuring they develop critical problem-solving skills.
• Prioritize AI-powered security solutions that enhance, not replace, human expertise.
• Implement privacy-first AI models that reduce data exposure risks.

“The AI revolution in cybersecurity is here,” concluded Warn. “Organizations that act now—by investing in security training, developing cybersecurity talent, and understanding how AI truly impacts the field—will be the ones leading the industry forward. The future of cybersecurity belongs to those who train for it.”

About INE Security

INE Security is the premier provider of online networking and cybersecurity training and certification. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers, offering both Red Team training and Blue Team training. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

Contact

Kathryn Brown
INE Security
[email protected]

Cybersecurity company Guardz is warning Microsoft 365 users about a new phishing scam backed by social engineering tactics making the rounds. This isn’t an average scam as attackers trick people into calling fake support numbers using Microsoft 365 infrastructure, putting their login details and accounts at risk.

How the Attack Works

Unlike typical phishing attempts using typosquatted domains, fake or misspelled email addresses, this campaign operates from within Microsoft’s cloud services. This makes the phishing attempts look convincing, easily bypassing email authentication checks like SPF, DKIM, and DMARC.

The attack also utilizes legitimate Microsoft domains (onmicrosoft.com)and manipulates tenant settings. The scammers also set up multiple Microsoft 365 organization tenants, either by creating new ones or compromising existing accounts. Each tenant has a specific role within the attack framework, allowing the threat actors to operate with anonymity.

One of these fake organizations is used to trigger actions that look like normal business activity, such as starting a subscription. Another fake organization is given a name that includes a fake warning message and a phone number. For example, the organization’s name might appear as something like, “(Microsoft Corporation) Your subscription has been successfully purchased… If you did not authorize this transaction, please call .”

When the attackers trigger an action, like a subscription change, Microsoft 365 automatically sends out legitimate emails about it. Because of how the attackers set up their fake organizations, these official Microsoft emails can end up including the fake warning message and phone number in the sender’s information or organization details.

So, you might receive an email that looks like it’s really from Microsoft, confirming a purchase you didn’t make. The email itself is real in the sense that it came through Microsoft’s systems.

But the alarming message asking you to call a number to dispute the charge? That’s the scam. If someone calls the number, they’re connected with the attackers, who then try to steal sensitive information like passwords or trick them into installing malicious software.

Why This Scam Is Effective

This approach is effective for several reasons. Since the emails come from Microsoft’s legitimate systems, they often pass standard security checks that look for fake domains or suspicious links. The emails look official, complete with Microsoft branding. And the urgent message about an unauthorized charge can cause people to act quickly without thinking.

According to Guardz’s report shared with Hackread.com ahead of its publishing on Thursday, this attack is tricky to spot because it uses legitimate services for malicious purposes. Traditional email security measures that check sender reputations or look for fake links might miss this.

The Possible Impact

The implications of this phishing campaign could be significant. Businesses and individuals who fall victim can suffer from credential theft, financial loss, account takeovers or installing malware on their systems. The attack’s dependence on voice channels also makes it more challenging to detect and prevent, as fewer security controls exist in direct phone communications.

Protecting Yourself and Your Business

A few key steps can help prevent these scams. Be wary of unexpected emails about purchases or subscriptions, even if they appear to come from Microsoft. Never call phone numbers listed in emails if something feels off, always verify contact details on Microsoft’s official website.

Pay close attention to sender details; while an email might look legitimate, unusual organization names or urgent wording can be red flags. Also, be cautious of messages from unfamiliar “.onmicrosoft.com” domains. Most importantly, train yourself and your employees to recognize phishing tactics, especially those designed to create a sense of urgency around financial threats.

RELATED TOPICS

1. Fake Facebook Copyright Notices to Hijacking Accounts
2. Hackers Using Fake YouTube Links to Steal Login Credentials
3. PayPal Phishing Exploits MS365 Tools, Genuine-Looking Emails
4. Phishing Attacks Can Bypass Microsoft 365 Email Safety Warnings
5. Astaroth Phishing Kit Bypasses 2FA, Hijacks Gmail, Microsoft Emails