Phish Stix (@stixphish)'s Twitter Profile

Phish Stix

@stixphish

Just a phish

ID: 1620880360136445966

Joined 01-02-2023 20:23:04

38 Tweets

13 Followers

292 Following

Aaron Jornet (@rexorvc0)

🚨New Report🚨 #Akira: The Old-New Style Crime by Joshua Penny (@josh_penny) & me

Research based on methodology, versions of public #malware, all #CTI and detection opportunities of #TA

🔗Full report: rexorvc0.com/2024/06/19/Aki…

#RE #intel #ransomware #TA

Group-IB Threat Intelligence (@groupib_ti)

In March 2024, #Eldorado launched an affiliate program on the #RAMP forum, seeking pentesters. Group-IB Threat Intelligence analysts jumped into it to find more information about their work.

Cisco Talos Intelligence Group (@talossecurity)

After studying the 14 most active #ransomware actors, we've collected some new insights into their most common infection tactics, vulnerabilities exploited, and more. cs.co/60199QR61

Zscaler ThreatLabz (@threatlabz)

ThreatLabz has uncovered new tools from #APT41 including #DodgeBox and #MoonWalk. DodgeBox utilizes EDR evasion techniques including call stack spoofing, unhooking APIs, and bypassing Control Flow Guard. The purpose of DodgeBox is to deploy the MoonWalk backdoor, which leverages

Sekoia.io (@sekoia_io)

🚨 Our new report from the #TDR team details our investigation into the #Quad7 (7777) #botnet, describing its exploitation of compromised TP-Link routers to perform long-term password-spraying attacks against #Microsoft365 accounts.

blog.sekoia.io/solving-the-77…

Cisco Talos Intelligence Group (@talossecurity)

While business email compromise was still one of the most prevalent threats Talos IR saw over the past quarter, the frequency of #ransomware also rose. More in our new Quarterly Trends report released this morning cs.co/6013crUML

HalcyonAI (@halcyonai)

Power Rankings: Ransomware Malicious Quartile Q2-2024

The HalcyonAI (@HalcyonAi) team of #ransomware experts put together this #RaaS and #extortion quick reference guide based on data from throughout Q2-2024...

halcyon.ai/blog/power-ran…

#infosec #security #cybersecurity #cyberattack

Will (@bushidotoken)

I am happy to share a new resource I recently created called The Ransomware Tool Matrix: 

🔗 blog.bushidotoken.net/2024/08/the-ra…

#CTI #ThreatHunting #ThreatIntel #Ransomware

Squiblydoo (@squiblydooblog)

From 2020-2024, I tracked the SolarMarker malware, and in 2024, monitored a self-infection for months to learn their actions-on-objectives: on-device fraud.

I didn't publish the details of my months-long investigation until now. Check the link in the attached comment.

Microsoft Threat Intelligence (@msftsecintel)

Microsoft Defender researchers observed attackers using yet another evasion approach to the ClickFix technique: Asking targets to run a command that executes a custom DNS lookup and parses the `Name:` response to receive the next-stage payload for execution.
