Tag: netscan

3 Attack Reports | 0 Vulnerabilities

Attack reports

Stranger Strings: Yurei Ransomware Operator Toolkit Exposed

Active since September 2025, Yurei is a double extortion ransomware campaign. The operators run their own Tor data leak site with a low number of victims listed at the time of writing. It is reportedly derived from Prince Ransomware, an open-source ransomware family written in Go. Check Point resea…
anydesk
infostealers
netscan
2026-04-01
netexec
yurei ransomware
Published: April 1, 2026
Downloadable IOCs: 4

Medusa Ransomware Activity Continues to Increase

Medusa ransomware attacks jumped by 42% between 2023 and 2024. This increase in activity continues to escalate, with almost twice as many Medusa attacks observed in January and February 2025 as in the first two months of 2024.
ransomware
blackcat
anydesk
rclone
service
medusa
netscan
raas
medusalocker
psexec
simplehelp
2025-03-06
ttps
pdq deploy
pdq inventory
spearwing
navicat
avkiller
Published: March 6, 2025
Downloadable IOCs: 45

Patch or Peril: A Veeam vulnerability incident

While the vulnerability CVE-2023-27532 was made public in March 2023 and subsequently patched by Veeam for versions 12/11a and later for Veeam Backup & Replication software, Group-IB’s Digital Forensics and Incident Response (DFIR) team recently observed a notable incident related to this vulnerabi…
backdoor
ransomware
adfind
vpn
2024-07-12
fortigate
veeam
CVE-2023-27532
svhost
netscan
Published: July 12, 2024
Downloadable IOCs: 2
Click here to see more Attack Reports