The threat actors behind the Rhysida ransomware targeted multiple industries by posing as a cybersecurity team that offered to help its victims identify security weaknesses in their networks and systems. Although the group’s activity was first observed back in May 2023, its leak site was established as early as March 2023. Like other ransomware groups, it employs double extortion tactics to pressure its victims into paying a ransom demand in Bitcoin.Read more
- February 20, 2024The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.
- November 28, 2023After the shutdown of its leak site in October, we look at how ransomware group Trigona operated during its period of activity and discuss how enterprises can fortify their defenses against similar threats.
- October 05, 2023This report spotlights Akira, a novel ransomware family with highly experienced and skilled operators at its helm.
- July 21, 2023Play is shaping up to be a player on the rise within the ransomware landscape, with its operators likely to continue using the ransomware in future. We take a deep dive into its operations and offer ways in which organizations can shore up their defenses against this emerging threat.
- June 05, 2023We detail everything you need to know about TargetCompany, a ransomware family with different monickers, including the evolution of its attack flow as it cemented its place in the threat landscape.
- March 15, 2023Backed by threat actors from Conti, Royal ransomware is poised to wreak havoc in the threat landscape, starting strong by taking a spot among the most prolific ransomware groups within three months since it was first reported. Combining new and old techniques and quick evolution, it is likely to remain a big player in the threat landscape in the future.
- January 26, 2023The Magniber ransomware initially targeted only Asian countries when it was first detected in 2017. However, it resurfaced in 2021 and continues to operate today with expanded targets around the globe. Magniber remains a significant player in the threat landscape, with malicious attackers likely to continue using the ransomware in future.
- December 07, 2022Cuba ransomware emerged on the scene with a spate of high-profile attacks in late 2021. Armed with an expansive infrastructure, impressive tools, and associated malware, Cuba ransomware is considered a significant player in the threat landscape, and is likely to remain so in the future through its continued evolution.
- October 27, 2022Known for its unconventional methods and use of advanced extortion techniques, BlackCat has quickly risen to prominence in the cybercrime community. As this ransomware group forges its way to gain more clout, we examine its operations and discuss how organizations can shore up their defenses against it.