Recent Posts
Verticals Targeted: Maritime, Nuclear
Executive Summary
SideWinder, an APT group thought to be of Indian nexus, was recently observed using new TTPs and expanding their targeting to include entities in the maritime and nuclear energy sectors.
Related Families: DragonForce, RansomHub, LockBit
Verticals Targeted: Construction, Real Estate, Financial
Executive Summary
Recent industry reporting highlights the ransomware threats faced by various entities in the Middle East. DragonForce ransomware was recently observed targeting a real estate and construction company in Saudi Arabia. However, this is only the tip of the iceberg, as entities in the Middle East, particularly financial services entities in Saudi Arabia and the UAE, are also being heavily targeted by ransomware.
Related Families: ValleyRAT
Verticals Targeted: Medical
Executive Summary
Chinese threat actor Silver Fox was recently observed targeting medical devices in a sophisticated campaign that delivers multiple malware families, including ValleyRAT.
Verticals Targeted: Manufacturing
Executive Summary
A persistent and sophisticated espionage campaign by the China-linked threat actor group Wicked Panda was observed targeting Japan’s manufacturing sector. The campaign has been dubbed RevivalStone.
Verticals Targeted: Healthcare, Government, Education, Technology, Manufacturing, SMBs
Executive Summary
Ghost, also known as Cring, is a ransomware family that has been active since at least late 2020. A recent uptick in Ghost activity prompted US agencies to release a joint cybersecurity advisory on Ghost.
