CRITICAL INFRASTRUCTURE Archives - Page 217 of 217

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA

September 8, 2022October 15, 2025 Securonix

IRGC-affiliated cyber actors exploited known Fortinet FortiOS and Microsoft Exchange vulnerabilities, plus VMware Horizon Log4j flaws, to gain initial access and conduct ransomware-like operations involving data encryption and data extortion. The advisory outl…

Threat Research

#StopRansomware: Zeppelin Ransomware | CISA

August 2, 2022October 16, 2025 Securonix

The article compiles a large set of file hash indicators tied to Zeppelin ransomware activity as described in the CISA alert AA22-223a, associated with the StopRansomware campaign. It presents these indicators in a purely IOC-focused format without narrative d…

Threat Research

On the FootSteps of Hive Ransomware – Yoroi

July 20, 2022October 18, 2025 Securonix

Yoroi’s ZLab tracks Hive (TH-313) ransomware and its evolution from Go-based payloads to Rust-based variants under a Double Extortion/RaaS model, highlighting its expanding victimology including healthcare and critical infrastructure. The report details increa…

Threat Research

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

May 25, 2022October 18, 2025 Securonix

Trend Micro Research analyzed a resurgence of the Cuba ransomware group with a new variant that uses optimized infection techniques, including a new staging downloader. The update also expands safelists, adds victim support features, and implements double exto…

Tag: CRITICAL INFRASTRUCTURE

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA

#StopRansomware: Zeppelin Ransomware | CISA

On the FootSteps of Hive Ransomware – Yoroi

Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques