Skip to Main Content

Resources

Providing you the latest industry-specific news and insights.

  • article

    Recent Sanctions Reveal LockBit and Evil Corp Links

    The US Department of the Treasury’s Office of Foreign Assets Control sanctioned seven individuals for their association with the Evil Corp cybercriminal group.

    Read more
  • article

    Telegram Changes Privacy Policy

    Telegram – the instant messaging platform popular with ransomware groups and cybercriminals because of its user privacy features – recently updated its privacy policy in an effort to discourage criminals from abusing the platform.

    Read more
  • article

    Rhysida Using Oyster Backdoor in Attacks

    The Rhysida ransomware group has been using the Oyster backdoor in attacks, leveraging fake websites to trick users into downloading malicious software.

    Read more
  • article

    New Group Emerges with Similarities to ALPHV/BlackCat

    Cicada3301, a new RaaS group, emerged in June 2024. Using double extortion, they target Windows and Linux/VMware ESXi systems, posting victims on their dark website. Their methods show strong similarities to ALPHV/BlackCat ransomware.

    Read more
  • article

    Iranian Hackers Working with Ransomware Groups

    An Iranian threat group linked to the GOI collaborates with ransomware affiliates, aiding network access and extortion for a ransom share.

    Read more
  • article

    Automotive Industry Faces Increased Cyberattacks 

    Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.

    Read more
  • article

    FIN7 Return Drives Increase in Cl0p Ransomware Attacks

    FIN7 resumed operations in April 2024, fueling a rise in Cl0p ransomware attacks. Their partnership poses a heightened threat, using malvertising and trojans to target victims.

    Read more
  • article

    Malware Spotlight: Fog Ransomware

    The Fog ransomware group is one of the few threat actors targeting one industry: education. This spotlight explores the group’s observed behavior, background information on the threat actor, and a technical analysis of Fog’s ransomware executable.

    Read more
  • article

    Threat Actors Exploiting New ESXi Vulnerability

    Explore the critical need to secure your network from VMware ESXi vulnerabilities, such as CVE-2024-37085, exploited by ransomware groups. Learn best practices to protect your virtual environment and prevent unauthorized access.

    Read more
  • article

    Ransomware and Cloud Security

    Cloud infrastructures, seen as more secure than on-premise, face risks like cryptominers, DoS attacks, and extortion. Mr. Anazon, a threat actor, exploits these vulnerabilities, highlighting ongoing cloud security challenges.

    Read more
  • article

    Largest Data Breach of All Time (So Far)

    On July 4th, 2024, a threat actor posted nearly ten billion unique passwords to a dark web forum. This was the second large dump of passwords from the threat actor calling themselves ObamaCare on the forum.

    Read more
  • article

    Threat Actor Spotlight: BlackSuit Ransomware

    First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.

    Read more