Resources
Providing you the latest industry-specific news and insights.
- article
The Return of Bumblebee Loader
After its disruption in May 2024, Bumblebee is back in the cyber ecosystem, using a new infection chain with LNK, PowerShell, and MSI files to drop additional malware.
- article
Red Team Tool Used to Disrupt Endpoint Security Solutions
Researchers observed criminals using the red-team tool EDRSilencer in cyberattacks. This open-source tool, designed for penetration testing, can detect EDR processes and monitor, modify, or block their outbound network communications.
- article
Telegram Changes Privacy Policy
Telegram – the instant messaging platform popular with ransomware groups and cybercriminals because of its user privacy features – recently updated its privacy policy in an effort to discourage criminals from abusing the platform.
- article
Rhysida Using Oyster Backdoor in Attacks
The Rhysida ransomware group has been using the Oyster backdoor in attacks, leveraging fake websites to trick users into downloading malicious software.
- article
New Group Emerges with Similarities to ALPHV/BlackCat
Cicada3301, a new RaaS group, emerged in June 2024. Using double extortion, they target Windows and Linux/VMware ESXi systems, posting victims on their dark website. Their methods show strong similarities to ALPHV/BlackCat ransomware.
- article
Iranian Hackers Working with Ransomware Groups
An Iranian threat group linked to the GOI collaborates with ransomware affiliates, aiding network access and extortion for a ransom share.
- article
Automotive Industry Faces Increased Cyberattacks
Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.
- article
FIN7 Return Drives Increase in Cl0p Ransomware Attacks
FIN7 resumed operations in April 2024, fueling a rise in Cl0p ransomware attacks. Their partnership poses a heightened threat, using malvertising and trojans to target victims.
- article
Malware Spotlight: Fog Ransomware
The Fog ransomware group is one of the few threat actors targeting one industry: education. This spotlight explores the group’s observed behavior, background information on the threat actor, and a technical analysis of Fog’s ransomware executable.
- article
Ransomware and Cloud Security
Cloud infrastructures, seen as more secure than on-premises, face risks like cryptominers, DoS attacks, and extortion. Mr. Anazon, a threat actor, exploits these vulnerabilities, highlighting ongoing cloud security challenges.
- article
Largest Data Breach of All Time (So Far)
On July 4th, 2024, a threat actor posted nearly ten billion unique passwords to a dark web forum. This was the second large dump of passwords from the threat actor calling themselves ObamaCare on the forum.
- article
LockBit Claims to Have U.S. Federal Reserve Data
On June 25, LockBit claimed to have stolen 33 terabytes of data from the U.S. Federal Reserve. They posted 21 links with data from Evolve Bank & Trust, which was recently penalized for compliance issues.