Emotet Leads To Quantum Ransomware Infection
Threat actors were observed using Emotet to gain access to the victim's network and deploy Quantum ransomware to devices on the domain.
Various tools were used for lateral movement, data exfiltration, and remote access including Cobalt Strike, Rclone, Tactical RMM, and AnyDesk.
Legitimate Windows tools such as systeminfo, ping, net, nltest, and whoami were used for local and remote discovery.
Featured Resources
blog
Get Ready to Get MCPwned — Cymulate’s Elite CTF on Securing the Model Context Protocol
When AI agents meet the real world, every protocol becomes a potential attack vector. That’s the big idea behind MCPwned,
CUSTOMERS
How a Retail Organization Became 12x Faster at Assessing Security Controls with Cymulate
Challenge This retail organization has a presence in 34 countries and over 5,800 stores. Its security team uses various controls
blog
Ransomware Detection Techniques: A Smarter Approach to Staying Ahead of Attacks
Ransomware attacks continue to rise in both volume and sophistication, crippling organizations, exfiltrating sensitive data and costing billions annually in