Today > | 4 Medium | 2 Low vulnerabilities - You can now download lists of IOCs here!
1 attack reports | 0 vulnerabilities
The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attributed to the Russia-based RomCom group, it exploits CVE-2023-36884 and other common infection vectors. The ransomware deletes shadow copies, modifies RemoteDesktop settin…