Tag: data leak

8 Attack Reports | 0 Vulnerabilities

Attack reports

Unleashing the Kraken ransomware group

The Kraken ransomware group, emerging from the remnants of the HelloKitty cartel, has been observed conducting big-game hunting and double extortion attacks. Utilizing SMB vulnerabilities for initial access, they employ tools like Cloudflared for persistence and SSHFS for data exfiltration. Kraken'…
ransomware
encryption
cross-platform
data leak
russian-speaking
double extortion
2025-11-13
kraken
underground forum
Published: November 13, 2025
Downloadable IOCs: 11

Trigona Rebranding Suspicions and Global Threats, and BlackNevas Ransomware Analysis

The BlackNevas ransomware group, first appearing in November 2024, has been targeting various industries and critical infrastructure globally, with a focus on the Asia-Pacific region. The group uses AES and RSA encryption, adding the '.-encrypted' extension to affected files. BlackNevas operates in…
ransomware
encryption
data leak
global threats
rsa
asia-pacific
aes
2025-09-12
blacknevas
Published: September 12, 2025
Downloadable IOCs: 1

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

A newly emerged ransomware group called Dire Wolf has been observed since May 2025, targeting multiple sectors globally with a focus on manufacturing and technology. The group employs double extortion tactics, encrypting files and threatening to publish stolen data. Analysis of a Dire Wolf ransomwa…
ransomware
golang
data leak
2025-07-02
dire wolf
Published: July 2, 2025
Downloadable IOCs: 2

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Interlock Ransomware has recently targeted National Defense Corporation and its subsidiaries, impacting the defense industrial base supply chain. The group's attack on AMTEC, a manufacturer of ammunition and explosives, has exposed sensitive information about global defense contractors and their su…
supply chain
data leak
double extortion
interlock ransomware
2025-05-16
defense industrial base
national security
cmmc
geopolitical influence
intellectual property
Published: May 16, 2025
Downloadable IOCs: 11

Brief Disruptions, Bold Claims: The Tactical Reality Behind the India-Pakistan Hacktivist Surge

In May 2025, Pakistan-linked hacktivist groups claimed over 100 cyberattacks on Indian government, education, and critical infrastructure websites. However, an investigation reveals most breaches were exaggerated or fake. Alleged data leaks contained primarily public information, website defacement…
phishing
crimson rat
pakistan
ddos
india
cyberattack
data leak
apt36
hacktivist
defacement
2025-05-11
Published: May 11, 2025
Downloadable IOCs: 0

Ransomware Roundup – Lynx

The Lynx ransomware, first detected in July 2024, is a Windows-targeting malware that encrypts files and demands ransom for decryption. It shares similarities with the INC ransomware but offers more granular control. Lynx encrypts files with a .LYNX extension, changes desktop backgrounds, and print…
ransomware
windows
encryption
construction
data leak
manufacturing
2025-02-17
brave prince
lynx
Published: February 17, 2025
Downloadable IOCs: 9

Lynx Ransomware: A Rebranding of INC Ransomware

Lynx ransomware, discovered in July 2024, is a successor to INC ransomware targeting organizations in retail, real estate, architecture, and financial services in the U.S. and UK. It shares significant source code with INC and operates as a ransomware-as-a-service model. Lynx employs double extorti…
linux
ransomware
windows
encryption
data leak
raas
double extortion
2024-10-14
lynx ransomware
inc ransomware
Published: October 14, 2024
Downloadable IOCs: 44

Ransomware Roundup - Underground

The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attributed to the Russia-based RomCom group, it exploits CVE-2023-36884 and other common infection vectors. The ransomware deletes shadow copies, modifies RemoteDesktop settin…
windows
encryption
2024-09-02
romcom
data leak
CVE-2023-36884
storm-0978
underground
Published: September 2, 2024
Linked vulnerabilities : CVE-2023-36884
Downloadable IOCs: 4
Click here to see more Attack Reports