Tag : encryption

16 attack reports | 0 vulnerabilities

Attack Reports

Title Published Tags Description Number of indicators
ShrinkLocker Malware: Abusing BitLocker to Lock Your Data Sept. 17, 2024, 11:15 a.m. ShrinkLocker is a new ransomware strain that exploits Windows BitLocker to encrypt targeted data. Unlike typical ransomware, it a… 2
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware Sept. 11, 2024, 8:08 a.m. Repellent Scorpius is a new ransomware-as-a-service group distributing Cicada3301 ransomware. It emerged in May 2024 and employs … 8
Ransomware Roundup - Underground Sept. 2, 2024, 4:21 p.m. The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attri… 4
StopRansomware: RansomHub Ransomware Aug. 30, 2024, 5:44 p.m. RansomHub is a ransomware-as-a-service variant that has targeted over 210 victims across various critical infrastructure sectors … 14
Introducing Gh0stGambit: A Dropper for Deploying Gh0st RAT July 31, 2024, 10:43 a.m. This analysis examines a recent malware campaign involving a dropper dubbed Gh0stGambit, which is employed to retrieve and execut… 6
Ransomware: Activity Levels Remain High Despite Disruption July 11, 2024, 1:06 p.m. While overall activity levels dipped slightly in the first quarter of 2024, the number of claimed attacks remained high, with Loc… 27
Decrypted: DoNex Ransomware and its Predecessors July 10, 2024, 9:33 a.m. Researchers have uncovered a cryptographic flaw in the DoNex ransomware and its previous iterations, allowing for the creation of… 8
BlackSuit Ransomware: Insights and Defense Strategies July 8, 2024, 10:54 a.m. This report provides an in-depth analysis of the BlackSuit ransomware, a threat that has been actively targeting various sectors … 8
Mallox Ransomware: Linux Variant Decryptor Found July 4, 2024, 10:36 a.m. The report analyzes the Mallox ransomware, which has been active since mid-2021 and focuses on multi-extortion by encrypting vict… 5
Update: CVE-2024-4577 quickly weaponized to distribute Ransomware June 11, 2024, 10:13 a.m. The report describes an attack campaign leveraging the CVE-2024-4577 vulnerability to deliver the "TellYouThePass" ransomware. Th… 5
Lost in the Fog: A New Ransomware Threat June 7, 2024, 10:34 a.m. Arctic Wolf Labs began monitoring the deployment of a new ransomware variant called Fog in early May 2024. The ransomware attacks… 5
Malicious Campaign Analysis: JScript RAT and CobaltStrike June 7, 2024, 8:59 a.m. This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the … 4
New ransomware group abusing BitLocker May 23, 2024, 2:49 p.m. The report examines an incident where threat actors leveraged Microsoft's BitLocker encryption utility to deploy unauthorized fil… 6
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear May 21, 2024, 11:24 a.m. This comprehensive analysis delves into the continuous evolution and refinement of sophisticated malware entities employed by a p… 29
StopRansomware: Black Basta May 13, 2024, 9:31 a.m. This advisory details tactics, techniques, procedures and indicators of compromise related to Black Basta ransomware, a variant f… 174
Ransomware Roundup (April 29, 2024) April 29, 2024, 6:21 p.m. This concise report provides insights into the evolving ransomware landscape, covering the KageNoHitobito and DoNex variants. It … 7