Resources
Providing you the latest industry-specific news and insights.
- article
New Group Emerges with Similarities to ALPHV/BlackCat
Cicada3301, a new RaaS group, emerged in June 2024. Using double extortion, they target Windows and Linux/VMware ESXi systems, posting victims on their dark website. Their methods show strong similarities to ALPHV/BlackCat ransomware.
Read more - article
Iranian Hackers Working with Ransomware Groups
An Iranian threat group linked to the GOI collaborates with ransomware affiliates, aiding network access and extortion for a ransom share.
Read more - article
Automotive Industry Faces Increased Cyberattacks
Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.
Read more - article
FIN7 Return Drives Increase in Cl0p Ransomware Attacks
FIN7 resumed operations in April 2024, fueling a rise in Cl0p ransomware attacks. Their partnership poses a heightened threat, using malvertising and trojans to target victims.
Read more - article
Threat Actors Exploiting New ESXi Vulnerability
Explore the critical need to secure your network from VMware ESXi vulnerabilities, such as CVE-2024-37085, exploited by ransomware groups. Learn best practices to protect your virtual environment and prevent unauthorized access.
Read more - article
Ransomware and Cloud Security
Cloud infrastructures, seen as more secure than on-premise, face risks like cryptominers, DoS attacks, and extortion. Mr. Anazon, a threat actor, exploits these vulnerabilities, highlighting ongoing cloud security challenges.
Read more - article
Largest Data Breach of All Time (So Far)
On July 4th, 2024, a threat actor posted nearly ten billion unique passwords to a dark web forum. This was the second large dump of passwords from the threat actor calling themselves ObamaCare on the forum.
Read more - podcast
Unmasking Fog: Ransomware Threats in K-12 Education
In today's episode, we explore a new threat actor targeting K-12 schools. Our hosts discuss the factors behind its success, why schools are at risk, and share actionable steps to boost cyber resilience and defend against these attacks.
Read more - article
Threat Actor Spotlight: BlackSuit Ransomware
First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.
Read more - article
RansomHub: An Emerging Ransomware-as-a-Service
RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.
Read more - article
Windows Native Ransomware – Encrypting with Bitlocker
Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.
Read more - article
ALPHV/BlackCat Disruption: Operations Resume
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more