The gang has been observed gaining access to victim networks via remote desktop protocol (RDP) credentials that were likely acquired from initial access brokers or via phishing attacks
Read More...
These add too many other unique, non-Babuk-based ransomware strains targeting VMware ESXi virtual machines discovered in the wild for several years
Read More...
Researchers found that Cactus obtains initial access into the victim network by exploiting known vulnerabilities in Fortinet VPN appliances
Read More...
Ransomware operations have followed this trend and created Linux encryptors dedicated to targeting ESXi servers to encrypt all data used by the enterprise properly
Read More...
The MS-SQL servers are being breached via brute-force or dictionary attacks that take advantage of easy-to-guess account credentials
Read More...
Threat actors behind the LockBit ransomware operation have developed new artifacts that encrypt files on devices running Apple's macOS operating system
Read More...
Qbot's use of a new email distribution method was detected — PDF attachments that download Windows Script Files to install Qbot on victims' devices
Read More...
After the initial compromise, the threat actor used the Advanced IP Scanner and ADRecon utilities to gather information about the victim's environment
Read More...
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile
Read More...
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware
Read More...