The Cactus Ransomware Group employs a sophisticated multi-stage attack method, featuring social engineering and exploits to compromise targeted systems. Their toolkit includes ransomware delivery, stealthy
Search Results for: cactus
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Cactus ransomware since the beginning of its activities in March 2023. Cactus has targeted a wide variety of organizations since its inception and has breached more than 100 entities as of April 2024.
By Aishwarya Gentyal · July 11, 2024. Ransomware malware has been around for many years now and it continues to dominate the headlines. It’s an
Bitdefender Labs recently helped with an investigation that unfortunately aligns with two key predictions we made for 2024: the rapid rise of opportunistic ransomware and
A new plant has grown in the desert of cyber threats, wielding its thorns to pierce through organizations and individuals alike. The Cactus Ransomware Group,
This article aims to share timely and relevant information about a rapidly developing campaign under investigation. We are publishing it as early as possible for
Executive summary: Cactus ransomware was discovered in March 2023. The malware creates a mutex called “b4kr-xr7h-qcps-omu3cAcTuS” to ensure that only one copy is running at

The ransomware group Black Basta disbanded after internal chat leaks, but its tactics, especially mass email spam and Microsoft Teams phishing, continue to be used by former members and new groups. Emerging attack methods now include Python script execution with cURL for payload delivery, emphasizing the need for strong user education and vigilant defense strategies. #BlackBasta #MicrosoftTeamsPhishing #CactusRaaS

DanaBot, originally identified as a banking trojan in 2018, has evolved into a multifunction malware-as-a-service used by various cybercrime groups and recently resurfaced in 2024 with targeted campaigns in logistics and hospitality sectors. Law enforcement disrupted DanaBot’s infrastructure in May 2025 as part of Operation Endgame, highlighting the malware’s intersection with…

Operation Endgame recently targeted DanaBot, a modular malware used for banking fraud, espionage, and deploying additional malware payloads such as ransomware. DanaBot operates on a Malware-as-a-Service model and has been involved in both criminal and nation-state activities, including DDoS attacks against Ukrainian government servers. #DanaBot #OperationEndgame #ZscalerThreatLabz

This week’s threat intelligence report reveals an analysis of multiple cyber threat reports. Key highlights include espionage tactics from APT groups, sophisticated malware deployments, and
This week’s threat intelligence report reveals a range of sophisticated cyber threats, including targeted multistage malware attacks, ransomware groups adopting new backconnect malware, and social