Overview Quorum Cyber's Incident Response team has discovered a new malware, SharpRhino, during a recent ransomware investigation. SharpRhino, attributed to the ransomware group Hunters International, functions as both an initial infection vector and a Remote Access Trojan (RAT). This malware exemplifies the sophisticated methods ransomware groups are employing

Overview Eldorado is a new ransomware-as-a-service (RaaS) operation that has emerged targeting both Windows and Linux systems. First appearing on March 16, 2024, when an advertisement for its affiliate program was posted on the ransomware forum RAMP, Eldorado has since gained notoriety for its sophisticated capabilities and widespread impact. Technical

Executive Summary: The threat posed by the Black Basta ransomware to critical infrastructure is immediate and severe, with a notable surge in aggressive activities targeting essential sectors such as healthcare and energy. Recent intelligence underscores the group's deployment of sophisticated methods, including advanced malware tools like QAKBOT, Brute

Overview KageNoHitobito is a ransomware that has been actively targeting Windows users globally. It encrypts files on local drives, appending a ".hitobito" extension, and demands a ransom through a ransom note displayed on the victim’s desktop. Victims are directed to contact the attackers via a Tor site