Threat actors are using Hive ransomware variants to target the government, communication, critical manufacturing, information technology, and healthcare sectors.
Initial access is carried out with phishing emails or by exploiting flaws in Internet facing applications.
The adversaries exfiltrate sensitive information prior to encrypting files and threatens to release the stolen data if the ransom is not paid.
Sign Up For Threat Alerts
Dec 01, 2022
UNC4191 Threat Group Targets Entities In The...
The UNC4191 threat group was discovered targeting entities in the Philippines with custom malware and...
Nov 30, 2022
Emotet Leads To Quantum Ransomware Infection
Threat actors were observed using Emotet to gain access to the victim's network and deploy...
Nov 29, 2022
RansomExx Upgrades to Rust
IBM Security X-Force Threat Researchers have discovered a new variant of the RansomExx ransomware that...
Nov 29, 2022
Ransomware Roundup: Cryptonite Ransomware
FortiGuard Labs has reported on Cryptonite ransomware, which was found to target Microsoft Windows machines...
Nov 28, 2022
Operation Typhoon: The Cyber Sea Lotus Coveting...
Cyber espionage actors, now designated by FireEye as APT32 (OceanLotus Group), are carrying out intrusions...
Nov 27, 2022
IL-Cert Alert – Active phishing campaign in...
There is a new phishing campaign in Israel. The malware relies upon user execution. The...
Nov 27, 2022
Emotets Vacation Is Over: No Rest For...
Emotet started as a banking Trojan in spreading via spam campaigns by imitating financial statements,...
Nov 24, 2022
Aurora: A Rising Stealer Flying Under The...
Aurora is a multipurpose botnet with data collection, information stealer, downloading, and remote access Trojan...
Nov 23, 2022
Analysis Of The ViperSoftX And VenomSoftX Information...
Torrents and software-sharing sites are being used to target victims across the globe with variants...
Nov 22, 2022
Wipermania
Wipers have existed for years, and while they haven't been utilized as much as ransomware,...
Nov 21, 2022
LockBit 3.0 Ransomware Unlocked
Also known as LockBit Black, this ransomware family announced itself stating that it would now...
Nov 21, 2022
Control Panel Executable Abused For QakBot Infection
QakBot campaign modifies deployment tactics and aims to exploit a DLL hijacking technique that abuses...
Nov 20, 2022
Earth Preta Spear-Phishing Governments Worldwide
Trend Micro teams have been monitoring a wave of spear-phishing attacks targeting the government, academic,...
Nov 16, 2022
DTrack activity targeting Europe and Latin America
DTrack is a backdoor used by the Lazarus group. It is used by the Lazarus...
Nov 15, 2022
BumbleBee Used To Drop A Meterpreter Agent
The intrusion began with the delivery of an ISO file that contained an LNK and...