Monthly Threat Highlights Report

Insights from the cyber threat landscape - courtesy of WithSecure™ Countercept's own Threat Intelligence team.

Latest highlights

May 2022

- Advisory on initial access techniques
- Emotet back at full power
- BPFDoor, an insidious backdoor
- Ransomware: Trends and notable reports:

  • Is this the end of Conti?
  • Iran is carrying out ransomware attacks
  • Operator of Thanos builder charged
  • The return of REvil?
  • - Other notable highlights in brief

     

    Download report

    April 2022

    - CNI targeted with ICS malware
    - FA Fatigue: A new attack technique
    - The disruption of ZLoader
    - A breakdown of ContiLeaks
    - RANSOMWARE: Trends and Notable Reports

  • A look at Blackcat/ALPHV
  • Russia in the crosshairs
  • Quantum: a 4-hour attack
  • LockBit strike Rio de Janeiro finance department
  • BlackByte breakdown
  • Nokoyawa, a Nempty strain
  • - Other Notable Highlights in Brief

     

    Download report

    March 2022

    - Okta LAPSUS$ Compromise
    - Heightened Awareness of Russian Threat Activity
    - Chinese backed actor APT41 attacks US government
    - Initial access broker for Conti uses complex social engineering
    - RANSOMWARE: Trends and Notable Reports

  • RURansom targets Russia
  • Advisory on AvosLocker
  • HermeticRansom can be decrypted
  • Sophos collates their ransomware research
  • An analysis of LockBit 2.0
  • Estonian imprisoned for connection with ransomware and cybercrime
  • - Other Notable Highlights in Brief

     

    Download report

    Previous reports

    2022

    February 2022

    - RUSSIA-UKRAINE CONFLICT: Related cyber activity
    - SANDWORM: Using new malware Cyclops Blink
    - KARAKURT: A threat actor focused on extortion
    - DAXIN: A Chinese-linked espionage tool
    - RANSOMWARE: Trends and Notable Reports

  • Recovery of data encrypted by Hive ransomware
  • Joint advisory on ransomware
  • CONTI Leaks
  • - Other Notable Highlights in Brief

     

    Download report

    January 2022

    - UKRAINE: Defacements and WhisperGate Wiper
    - CISA: Russian Nation State Threats
    - Log4j: A Pervasive Library Vulnerability
    - SYSJOKER: New Backdoor Targets Windows, Mac and Linux
    - EARTHLUSCA: Financially Motivated Chinese Threat Actor
    - RANSOMWARE: Trends and Notable Reports

  • REvil Associates Arrested
  • Europol shutdown VPN Labservers
  • Other Ransomware Group Insights
  • - Other Notable Highlights in Brief

     

    Download report
    2021