Credit to Author: Ed Cabrera| Date: Fri, 08 Sep 2023 00:00:00 +0000
Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members.
Read moreCredit to Author: Nathaniel Morales| Date: Mon, 14 Aug 2023 00:00:00 +0000
The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions.
Read moreCredit to Author: Trend Micro Research| Date: Wed, 09 Aug 2023 00:00:00 +0000
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain.
Read moreCredit to Author: Don Ovid Ladores| Date: Mon, 07 Aug 2023 00:00:00 +0000
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.
Read moreCredit to Author: Ieriz Nicolle Gonzalez| Date: Fri, 07 Jul 2023 00:00:00 +0000
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.
Read moreCredit to Author: Arianne Dela Cruz| Date: Fri, 23 Jun 2023 00:00:00 +0000
The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously updating their ransomware binaries.
Read moreCredit to Author: Earle Maui Earnshaw| Date: Tue, 06 Jun 2023 00:00:00 +0000
This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants’ behaviors and the ransomware family’s extortion scheme.
Read moreCredit to Author: Katherine Casona| Date: Wed, 31 May 2023 00:00:00 +0000
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware.
Read moreCredit to Author: Mahmoud Zohdy| Date: Mon, 22 May 2023 00:00:00 +0000
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase.
Read moreCredit to Author: Don Ovid Ladores| Date: Fri, 28 Apr 2023 00:00:00 +0000
In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attack.
Read more