In October 2023, we published a blog post containing technical analysis of the Rhysida ransomware. What we intentionally omitted in the blog post was that we had been aware of …
Search Results for: rhysida
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware …
As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. As part of our crimeware reporting service, we provide our customers with technical reports on …
[Update] November 16, 2023: See the subheading: “Collaborative Advisory by CISA, FBI, and MS-ISAC on Rhysida Ransomware.”
[Update] February 13, 2024: “A Free Decryption Tool Released”
The digital world is …
Stealers are a prominent threat in the malware landscape. Over the past year we published our research into several stealers (see here, here and here), and for now, the …
Intel-Ops · 9 min read · Mar 5, 2024
On February 29th 2024, CISA released an advisory on Phobos ransomware.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a
Intel-Ops is actively tracking infrastructure assessed to …
Scattered Spider (aka UNC3944, Scatter Swine, Muddled Libra, Octo Tempest, Oktapus, StarFraud) is a lucrative intrusion set active since at least May 2022, primarily engaged in …
Executive Summary: The ransomware landscape experienced significant transformations and challenges in 2023. The year saw a 49% increase in victims reported by …
Throughout Q2 and Q3 2023, Kroll has observed an increased use of the malicious “SYSTEMBC” tool to maintain access in a compromised network. SYSTEMBC was first observed in the wild …
By Securonix Threat Labs, Threat Research: D. Iuzvyk, T. Peck, O. Kolesnikov
tldr: Threat actors favor RMM (remote monitoring and management) as it allows for convenient and stealthy command and …
The crimeware landscape is diverse. Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, …
SystemBC, also known as Coroxy or DroxiDat, is a malware categorized as Proxy malware, a Bot, a backdoor, and even a RAT, as its uses can be diverse depending on …
In the ever-evolving landscape of cyber threats, the number of ransomware groups adopting double extortion is a concerning trend. This rising wave of ransomware …