Ransomware - Cybersec Sentinel (Page 3)

Ransomware

A collection of 26 posts

Qilin Ransomware Adopts Aggressive Credential Harvesting - October 2024 Update

Qilin Ransomware Adopts Aggressive Credential Harvesting - October 2024 Update

Threat Group: - Qilin (formerly known as "Agenda") Threat Type: - Ransomware-as-a-Service (RaaS) Exploited Vulnerabilities: - Zero-day vulnerabilities, VPN access without multi-factor authentication (MFA), spear-phishing, and remote monitoring tools Malware Used: - Qilin Ransomware, with variants developed in Golang and Rust Threat Score: - High (8.8/10)

KOK08 Ransomware: What to Know

KOK08 Ransomware: What to Know

Overview KOK08 ransomware, identified as a variant of the Matrix ransomware family, is involved in malicious activities including file encryption and data exfiltration. This ransomware uses sophisticated methods that are consistent with the broader trends observed in 2024, where targeted attacks on critical infrastructure and high-value targets have become more

SharpRhino Explained: Key Facts and How to Protect Your Data

SharpRhino Explained: Key Facts and How to Protect Your Data

Overview Quorum Cyber's Incident Response team has discovered a new malware, SharpRhino, during a recent ransomware investigation. SharpRhino, attributed to the ransomware group Hunters International, functions as both an initial infection vector and a Remote Access Trojan (RAT). This malware exemplifies the sophisticated methods ransomware groups are employing

Eldorado Strikes Windows and Linux

Eldorado Strikes Windows and Linux

Overview Eldorado is a new ransomware-as-a-service (RaaS) operation that has emerged targeting both Windows and Linux systems. First appearing on March 16, 2024, when an advertisement for its affiliate program was posted on the ransomware forum RAMP, Eldorado has since gained notoriety for its sophisticated capabilities and widespread impact. Technical

Update for Black Basta Ransomware - Targeting Critical Infrastructure

Update for Black Basta Ransomware - Targeting Critical Infrastructure

Executive Summary: The threat posed by the Black Basta ransomware to critical infrastructure is immediate and severe, with a notable surge in aggressive activities targeting essential sectors such as healthcare and energy. Recent intelligence underscores the group's deployment of sophisticated methods, including advanced malware tools like QAKBOT, Brute

KageNoHitobito Ransomware

KageNoHitobito Ransomware

Overview KageNoHitobito is a ransomware that has been actively targeting Windows users globally. It encrypts files on local drives, appending a ".hitobito" extension, and demands a ransom through a ransom note displayed on the victim’s desktop. Victims are directed to contact the attackers via a Tor site