Title |
Published |
Tags |
Description |
Number of indicators |
ShrinkLocker Malware: Abusing BitLocker to Lock Your Data |
Sept. 17, 2024, 11:15 a.m. |
|
ShrinkLocker is a new ransomware strain that exploits Windows BitLocker to encrypt targeted data. Unlike typical ransomware, it a… |
2 |
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware |
Sept. 11, 2024, 8:08 a.m. |
|
Repellent Scorpius is a new ransomware-as-a-service group distributing Cicada3301 ransomware. It emerged in May 2024 and employs … |
8 |
Ransomware Roundup - Underground |
Sept. 2, 2024, 4:21 p.m. |
|
The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attri… |
4 |
StopRansomware: RansomHub Ransomware |
Aug. 30, 2024, 5:44 p.m. |
|
RansomHub is a ransomware-as-a-service variant that has targeted over 210 victims across various critical infrastructure sectors … |
14 |
Introducing Gh0stGambit: A Dropper for Deploying Gh0st RAT |
July 31, 2024, 10:43 a.m. |
|
This analysis examines a recent malware campaign involving a dropper dubbed Gh0stGambit, which is employed to retrieve and execut… |
6 |
Ransomware: Activity Levels Remain High Despite Disruption |
July 11, 2024, 1:06 p.m. |
|
While overall activity levels dipped slightly in the first quarter of 2024, the number of claimed attacks remained high, with Loc… |
27 |
Decrypted: DoNex Ransomware and its Predecessors |
July 10, 2024, 9:33 a.m. |
|
Researchers have uncovered a cryptographic flaw in the DoNex ransomware and its previous iterations, allowing for the creation of… |
8 |
BlackSuit Ransomware: Insights and Defense Strategies |
July 8, 2024, 10:54 a.m. |
|
This report provides an in-depth analysis of the BlackSuit ransomware, a threat that has been actively targeting various sectors … |
8 |
Mallox Ransomware: Linux Variant Decryptor Found |
July 4, 2024, 10:36 a.m. |
|
The report analyzes the Mallox ransomware, which has been active since mid-2021 and focuses on multi-extortion by encrypting vict… |
5 |
Update: CVE-2024-4577 quickly weaponized to distribute Ransomware |
June 11, 2024, 10:13 a.m. |
|
The report describes an attack campaign leveraging the CVE-2024-4577 vulnerability to deliver the "TellYouThePass" ransomware. Th… |
5 |
Lost in the Fog: A New Ransomware Threat |
June 7, 2024, 10:34 a.m. |
|
Arctic Wolf Labs began monitoring the deployment of a new ransomware variant called Fog in early May 2024. The ransomware attacks… |
5 |
Malicious Campaign Analysis: JScript RAT and CobaltStrike |
June 7, 2024, 8:59 a.m. |
|
This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the … |
4 |
New ransomware group abusing BitLocker |
May 23, 2024, 2:49 p.m. |
|
The report examines an incident where threat actors leveraged Microsoft's BitLocker encryption utility to deploy unauthorized fil… |
6 |
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear |
May 21, 2024, 11:24 a.m. |
|
This comprehensive analysis delves into the continuous evolution and refinement of sophisticated malware entities employed by a p… |
29 |
StopRansomware: Black Basta |
May 13, 2024, 9:31 a.m. |
|
This advisory details tactics, techniques, procedures and indicators of compromise related to Black Basta ransomware, a variant f… |
174 |
Ransomware Roundup (April 29, 2024) |
April 29, 2024, 6:21 p.m. |
|
This concise report provides insights into the evolving ransomware landscape, covering the KageNoHitobito and DoNex variants. It … |
7 |