Ransomware

Enterprises and organizations are facing a period of transition and uncertainty – malicious actors will hunker down and reuse tried-and-tested tools and techniques.

Cuba ransomware emerged on the scene with a spate of high-profile attacks in late 2021. Armed with an expansive infrastructure, impressive tools, and associated malware, Cuba ransomware is considered a significant player in the threat landscape, and is likely to remain so in the future through its continued evolution.

We discuss key trends in the ransomware threat landscape from April to September 2022. Data from RaaS and extortion groups’ leak sites, open-source intelligence (OSINT) research, and the Trend Micro™ Smart Protection Network™ points to LockBit, BlackCat, Black Basta, and Karakurt as the most active groups with the most victims.

Known for its unconventional methods and use of advanced extortion techniques, BlackCat has quickly risen to prominence in the cybercrime community. As this ransomware group forges its way to gain more clout, we examine its operations and discuss how organizations can shore up their defenses against it.

A relative newcomer in 2022, the Black Basta ransomware group has wasted no time making a name for itself by upgrading its toolset and racking up its victim count around the world mere months since its ransomware was first detected. Learn more about this new ransomware and fortify your organization’s defenses against this threat.

In our midyear security roundup, we highlight the most significant security stories that made a considerable impact on the threat landscape in the first half of 2022 amid a diffused labor pool and a widening digital attack surface.

BlackByte is a ransomware group that has been building a name for itself since 2021. Like its contemporaries, it has gone after critical infrastructure for a higher chance of getting a payout. What techniques sets it apart?

This report delves into the ransomware threat landscape of the first quarter of 2022, with a focus on the three most successful ransomware families and the types of industries and organizations that were affected by their attacks.

RansomEXX is a ransomware variant that gained notoriety after a spate of attacks in 2020 and continues to be active today. With its targeted nature and history for choosing high-profile victims, we shine our spotlight on RansomEXX to reveal its tactics, techniques, and procedures.