BlackSuit Ransomware

Threat Overview – BlackSuit Ransomware BlackSuit ransomware has established itself as a significant threat since its emergence in May 2023. Originating from members of the Royal ransomware group, which was split ...

Spectre RAT

Threat Overview – Spectre RAT The Spectre remote access trojan (RAT) is modular malware that was first seen in September of 2020, being available as a malware-as-a-service (MaaS) program. Spectre RAT is ...

Hunting for Credential Theft – Identify When an InfoStealer May be Stealing Sensitive Access

Threat Overview – Hunting for Credential Theft – Identify When an InfoStealer May be Stealing Sensitive Access The recent SnowFlake incident has brought to light the importance of protecting your credentials and ...

DarkGate Malware

Threat Overview – DarkGate Malware The DarkGate malware variant was first observed in the wild in 2018 (seemingly in production since 2017), evolving into a more dangerous and widespread version of itself in ...

GootLoader Malware

Threat Overview – GootLoader Malware The GootLoader malware variant is identified as a downloader, and is used to facilitate the pathway to the next stage(s) of infection. Seen in the wild since ...

Black Basta Ransomware and Threat Group

Threat Overview – Black Basta Ransomware and Threat Group Black Basta Ransomware and Threat Group (originally seen in 2022) is known to encrypt files on a victim’s computer or network, and hold ...

CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability

Threat Overview – CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability CVE-2024-3400 is an unauthenticated remote code execution vulnerability identified in devices utilizing GlobalProtect, and was identified by Volexity Threat Researchers on ...

Volt Typhoon: Advisory Update

Threat Overview – Volt Typhoon Threat Group On Tuesday (3/19/24), an advisory from President Biden’s administration was released to state governors, detailing the threat of foreign entities including the Volt Typhoon group ...

Phobos Unleashed: Navigating the Maze of Ransomware’s Ever-Evolving Threat

Threat Overview – Phobos The Phobos Ransomware variant has been active since May of 2019, targeting a variety of entities that include governments, emergency services, critical infrastructure, education and public healthcare. Operating ...

DarkCasino Strikes: Unveiling the Cyber Shadows of Water Hydra

Threat Overview – DarkCasino The APT group, DarkCasino (also known as Water Hydra), has been in the wild since 2021 and has had operations observed targeting online trading platforms in Asia, the ...