Tag: vasa locker

2 Attack Reports | 0 Vulnerabilities

Attack reports

An Overview of The Gentlemen's TTPs

This intelligence report provides a comprehensive analysis of The Gentlemen, a ransomware group known for its sophisticated tactics, techniques, and procedures (TTPs). The group exploits vulnerabilities in FortiOS/FortiProxy, maintains a database of compromised devices, and employs advanced defense…
exploit
ransomware
credential-theft
medusa
CVE-2024-37085
qilin
CVE-2023-27532
data-exfiltration
lateral-movement
babuk
vasa locker
babyk
raas
CVE-2024-55591
CVE-2025-32463
fortios
lockbit 5.0
defense-evasion
the gentlemen
2026-03-20
Published: March 20, 2026
Linked vulnerabilities : CVE-2024-37085 (CVSS 6.8), CVE-2024-55591 (CVSS 9.8), CVE-2023-27532, CVE-2025-32463 (CVSS 9.3)
Downloadable IOCs: 4

Head Mare: adventures of a unicorn in Russia and Belarus

Head Mare is a hacktivist group targeting companies in Russia and Belarus since 2023. They use phishing campaigns exploiting the CVE-2023-38831 vulnerability in WinRAR for initial access. Their toolkit includes custom malware like PhantomDL and PhantomCore, as well as publicly available tools like …
phishing
ransomware
russia
belarus
lockbit
CVE-2023-38831
2024-09-02
babuk
vasa locker
phantomdl
phantomcore
babyk
hacktivists
Published: September 2, 2024
Linked vulnerabilities : CVE-2023-38831
Downloadable IOCs: 52
Click here to see more Attack Reports