Community Content
BlackSuit Ransomware
Threat Overview – BlackSuit Ransomware BlackSuit ransomware has recently established itself as a significant threat since its emergence in May 2023. Originating from members of the Royal ransomware group, which was split ...
Spectre RAT
Threat Overview – Spectre RAT The Spectre remote access trojan (RAT) is modular malware that was first seen in September of 2020, being available as a malware-as-a-service (MaaS) program. Spectre RAT is ...
Hunting for Credential Theft – Identify When an InfoStealer May be Stealing Sensitive Access
Threat Overview – Hunting for Credential Theft – Identify When an InfoStealer May be Stealing Sensitive Access The recent Snowflake incident has brought to light the importance of protecting your credentials and ...
DarkGate Malware
Threat Overview – DarkGate Malware The DarkGate malware variant was first observed in the wild in 2018 (seemingly in production since 2017), evolving into a more dangerous and widespread version of itself in ...
GootLoader Malware
Threat Overview – GootLoader Malware The GootLoader malware variant is identified as a downloader, and is used to facilitate the pathway to the next stage(s) of infection. Seen in the wild since ...
Black Basta Ransomware and Threat Group
Threat Overview – Black Basta Ransomware and Threat Group Black Basta Ransomware and Threat Group (originally seen in 2022) is known to encrypt files on a victim’s computer or network, and hold ...
CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability
Threat Overview – CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability CVE-2024-3400 is an unauthenticated remote code execution vulnerability identified in devices utilizing GlobalProtect, and was identified by Volexity Threat Researchers on ...
Volt Typhoon: Advisory Update
Threat Overview – Volt Typhoon Threat Group On Tuesday (3/19/24), an advisory from President Biden’s administration was released to state governors, detailing the threat of foreign entities including the Volt Typhoon group ...
Phobos Unleashed: Navigating the Maze of Ransomware’s Ever-Evolving Threat
Threat Overview – Phobos The Phobos Ransomware variant has been active since May of 2019, targeting a variety of entities that include governments, emergency services, critical infrastructure, education and public healthcare. Operating ...
DarkCasino Strikes: Unveiling the Cyber Shadows of Water Hydra
Threat Overview – DarkCasino The APT group, DarkCasino (also known as Water Hydra), has been in the wild since 2021 and has had operations observed targeting online trading platforms in Asia, the ...