Executive Summary: Ransom Cartel is ransomware as a service (RaaS) that surfaced in mid-December 2021. This ransomware
Search Results for: revil
Secureworks® Counter Threat Unit™ (CTU) researchers analyzed REvil ransomware samples that were uploaded to the VirusTotal analysis service after the GOLD SOUTHFIELD threat group’s infrastructure resumed

Insikt Group uncovered new infrastructure and infection methods employed by GrayAlpha, a cybercriminal group overlapping with FIN7, including custom loaders PowerNet and MaskBat leading to NetSupport RAT infections. The report highlights three primary infection vectors and emphasizes the importance of application allow-lists, employee training, and updated detection rules to combat these threats. #GrayAlpha #FIN7 #NetSupportRAT #PowerNet #MaskBat

The ransomware group Black Basta disbanded after internal chat leaks, but its tactics, especially mass email spam and Microsoft Teams phishing, continue to be used by former members and new groups. Emerging attack methods now include Python script execution with cURL for payload delivery, emphasizing the need for strong user education and vigilant defense strategies. #BlackBasta #MicrosoftTeamsPhishing #CactusRaaS

This report provides a comprehensive overview of recent cybersecurity threats from various actors, detailing their tactics, techniques, and indicators of compromise. The analysis covers sophisticated

This weekly threat intelligence report from RST Cloud summarizes 49 threat intelligence reports, highlighting various cyber threats and tactics used by different threat actors. Notable

The last quarter of 2024 saw an unprecedented surge in ransomware activity, with significant growth in the number of active groups and notable incidents involving

A cyber attack on Haunted Company Inc. has raised significant concerns just before their IPO. The company is investigating the breach, collaborating with analysts to

The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.

Short Summary: In 2024, malware loaders have become a prevalent tool in cyberattacks, with loaders like SocGholish, GootLoader, and Raspberry Robin leading the charge. These

Executive Summary: New evidence shows FIN7 is using multiple pseudonyms to mask the group’s true identity and sustain its criminal operations in the underground market

Cybereason Security Services issues Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them….

Cybereason Security Services issues Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them….