Månatlig rapport om hotets höjdpunkter

March 2022

- Okta LAPSUS$ Compromise
- Heightened Awareness of Russian Threat Activity
- Chinese backed actor APT41 attacks US government
- Initial access broker for Conti uses complex social engineering
- RANSOMWARE: Trends and Notable Reports

RURansom targets Russia

Advisory on AvosLocker

HermeticRansom can be decrypted

Sophos collates their ransomware research

An analysis of LockBit 2.0

Estonian imprisoned for connection with ransomware and cybercrime

- Other Notable Highlights in Brief

 

Download report

April 2022

- CNI targeted with ICS malware
- FA Fatigue: A new attack technique
- The disruption of ZLoader
- A breakdown of ContiLeaks
- RANSOMWARE: Trends and Notable Reports

A look at Blackcat/ALPHV

Russia in the crosshairs

Quantum: a 4-hour attack

LockBit strike Rio de Janeiro finance department

BlackByte breakdown

Nokoyawa, a Nempty strain

- Other Notable Highlights in Brief

 

Download report

May 2022

- Advisory on initial access techniques
- Emotet back at full power
- BPFDoor, an insidious backdoor
- Ransomware: Trends and notable reports:

Is this the end of Conti?

Iran is carrying out ransomware attacks

Operator of Thanos builder charged

The return of REvil?

- Other notable highlights in brief

 

Download report

June 2022

- Follina, an exploited vulnerability in MSDT
- Emotet back at full power
- State-backed actors target Confluence vulnerability
- Law enforcement takes down Flubot
- Ransomware: Trends and notable reports

A look at the ransomware ecosystem

LockBit is updated to 3.0

An advisory on Karakurt

“Ransomware” targeting Elasticsearch

The costs of ransomware to businesses

- Other notable highlights in brief
- Research highlights: WithSecure™ ransomware threat update

 

Download report

July 2022

- Trickbot group attack Ukraine
- Brute Ratel being abused by threat actors
- Black Basta on the rise
- Ransomware: Trends and notable reports

BlackCat under the spotlight

Vice Society

A closer look at LockBit 3.0

Hive joins BlackCat in using Rust

CISA produce alert on MedusaLocker

HavanaCrypt, a new group with novel tactics

Q2 statistics from Digital Shadows

- Other notable highlights in brief

- Threat data highlights
- Research highlights: Ducktail: An infostealer malware targeting Facebook business accounts

Download report

August 2022

Top malware strains 2021

• Mailchimp and Twilio incidents highlight the supply chain issue
• State-backed actors target Confluence vulnerability
• Microsoft disrupt Callisto Group

Ransomware: Trends and notable reports

• ENISA’s ransomware threat landscape
• A history lesson on Ransomware
• A look at Initial Access Brokers
• Newcomers: SolidBit

Other notable highlights in brief
Research highlights: WithSecure™ ransomware threat update

Download report

September 2022

Monthly highlights
Ransomware: Trends and notable reports

• LockBit bug bounty and leaks
• Sparta ransomware
• Nations targeted by ransomware
• BianLian ransomware
• Ragnar Locker deep dive
• Technical analysis of Redeemer
• ExMatter for exfiltration and corruption

- Other notable highlights in brief

- Threat data highlights 

- Monthly highlights
- Ransomware: Trends and notable reports

• LockBit bug bounty and leaks
• Sparta ransomware
• Nations targeted by ransomware
• BianLian ransomware
• Ragnar Locker deep dive
• Technical analysis of Redeemer
• ExMatter for exfiltration and corruption

- Other notable highlights in brief

- Threat data highlights 

Download report

October 2022

Monthly highlights

• Military targets attacked
• Fortinet vulnerability under active attack

Ransomware: Trends and notable reports

• Automobile dealer group Pendragon held to $60m ransom
• “Prestige” ransomware hits Poland and Ukraine
• BlackByte abuse vulnerable drivers to bypass securit

Other notable highlights in brief

• GitHub rife with malicious code
• Two new Microsoft Exchange vulnerabilities being actively exploited
• FBI issue Iran hack-and-leak warning
• LinkedIn addresses fake profiles
• Abusing Chromium’s application mode to phish
• Healthcare sector report on commonly abused tools
• Joint report outlines top vulnerabilities exploited by China
• Zimbra vulnerability widely exploited

Threat data highlights

Detection and response highlights

Download report

November 2022

Monthly highlights

Ransomware: Trends and notable reports

• Quantum Locker targets Cloud Environments
• The Rise of Royal Ransomware
• BlackBasta linked to FIN7 Threat Actor
• US Govt issue HIVE ransomware advisory

Other notable highlights in brief

• DTrack activity targeting Europe and Latin America
• Emotet botnet operational after 5-month hiatus
• ProxyNotShell Exchange Exploits Available
• OpenSSL Vulnerability Downgraded

Threat Data highlights

Research highlights

• DUCKTAIL, continued
• Machine learning accuracy forecast

Detection and response highlights

Download report

December 2022

Monthly highlights

Ransomware: Trends and notable reports

• RansomBOGGS
• Ikea struck by Vice Society
• Guatemala hit by Onyx
• Trigona launch leak site
• Rackspace attack causes widespread issues

Other notable highlights in brief

• Twitter data breach exposed 5-400 million phone numbers
• Citrix and Fortinet patch actively exploited vulnerabilities
• Dolphin backdoor used by APT37
• InTheBox, a web-inject marketplace
• Infraguard breach

Threat Data highlights

Research highlights

• CISA’s known exploited vulnerabilities catalog

 

Download report

February 2022

- RUSSIA-UKRAINE CONFLICT: Related cyber activity
- SANDWORM: Using new malware Cyclops Blink
- KARAKURT: A threat actor focused on extortion
- DAXIN: A Chinese-linked espionage tool
- RANSOMWARE: Trends and Notable Reports

Recovery of data encrypted by Hive ransomware

Joint advisory on ransomware

CONTI Leaks

- Other Notable Highlights in Brief

 

Ladda ner rapporten

January 2022

- UKRAINE: Defacements and WhisperGate Wiper
- CISA: Russian Nation State Threats
- Log4j: A Pervasive Library Vulnerability
- SYSJOKER: New Backdoor Targets Windows, Mac and Linux
- EARTHLUSCA: Financially Motivated Chinese Threat Actor
- RANSOMWARE: Trends and Notable Reports

REvil Associates Arrested

Europol shutdown VPN Labservers

Other Ransomware Group Insights

- Other Notable Highlights in Brief

 

Ladda ner rapporten