Ransomware

A collection of 16 posts
Andariel Hacking Group Targets Global Defense and Infrastructure Sectors
Ransomware

Andariel Hacking Group Targets Global Defense and Infrastructure Sectors

Threat Group: - Andariel (Subgroup of Lazarus Group, aka Stonefly, Silent Chollima, Onyx Sleet) Threat Type: - Advanced Persistent Threat (APT), Ransomware, Cyber Espionage Exploited Vulnerabilities: - CVE-2023-22515 (Atlassian Confluence), CVE-2023-27350 (PaperCut), CVE-2023-42793 (TeamCity), CVE-2021-44228 (Apache Log4j) Malware Used: - DTrack, Maui, Dora RAT, Nukebot, SHATTEREDGLASS, Sliver, Mimikatz Threat Score:
3 min read
Storm-0501 Expands Ransomware Reach by Targeting Cloud Infrastructure
Ransomware

Storm-0501 Expands Ransomware Reach by Targeting Cloud Infrastructure

Threat Group: Storm-0501 Threat Type: Ransomware Exploited Vulnerabilities: Zoho ManageEngine (CVE-2022-47966), Citrix NetScaler (CVE-2023-4966), ColdFusion (CVE-2023-29300) Malware Used: Embargo Ransomware Threat Score: High (8.5/10) — Due to significant lateral movement across hybrid cloud environments, strong persistence mechanisms, and critical data exfiltration. Last Threat Observation: September 2024 by Microsoft Threat
3 min read
Kransom Ransomware Exploits DLL Side-Loading and Certificate Misuse
Ransomware

Kransom Ransomware Exploits DLL Side-Loading and Certificate Misuse

Threat Group: Kransom Threat Type: Ransomware Exploited Vulnerabilities: Unpatched software vulnerabilities, phishing Malware Used: Kransom Ransomware Threat Score: High (8/10) — Advanced evasion techniques and use of legitimate digital certificates make detection challenging Last Threat Observation: September 2024, verified through multiple cybersecurity sources Overview Kransom ransomware is a newly identified
2 min read
Rising Phobos Ransomware Activity in High-Impact Sectors
Ransomware

Rising Phobos Ransomware Activity in High-Impact Sectors

Threat Group: Phobos Ransomware Operators Threat Type: Ransomware-as-a-Service (RaaS) Exploited Vulnerabilities: Exposed Remote Desktop Protocol (RDP) Ports, Weak Passwords, Phishing Attacks Malware Used: Phobos Ransomware Overview: Phobos ransomware remains a significant and evolving threat, particularly targeting critical sectors such as healthcare, government, and education. Since its emergence in 2019, Phobos
3 min read