Cybercrime & Digital Threats

Underground platforms are part of a mature ecosystem for trading cybercrime goods and services. How does a capable hosting infrastructure allow illicit activities to thrive?

A Russian group dubbed as Cosmic Lynx initiated more than 200 BEC campaigns targeting hundreds of multinational companies.

In this report, we discussed new ransomware family Avaddon, updates on techniques of other ransomware, and our latest figures.

Browser extensions and malicious domains were used in a campaign that aims to track user activity and data.

Through investigation of recent cases, we have amassed more information on how Nefilim ransomware operates. Some notable updates are the use of other tools and the description of events that occur within the attack phases.

PowerShell's ubiquity has made it one of the most common tools cybercriminals abuse to perpetrate attacks and deliver fileless malware to systems. Here's how to track and defend against them.

We have come across a PowerShell script (mailer script) that distributes the Lemon Duck cryptominer through a new propagation method: Covid-19-themed emails with weaponized attachments.

An Investigation into the Current Condition of Underground Markets and Cybercriminal Forums

We have seen events that point to the resurgence of Qakbot, a multi-component, information-stealing threat first discovered in 2007.