Related Families: LockBit 3.0, Conti
Verticals Targeted: Business Services, Construction, Retail, Telecommunications, Manufacturing, Mining, Government, Healthcare, Transportation, Energy, Software, Education
DragonForce Ransomware
Oct 4, 2024 1:05:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Lockbit 3.0, Conti, evolving, Emerging, DragonForce
Vice Society Using INC Ransomware to Target Healthcare Vertical
Sep 27, 2024 4:06:33 PM / by The Hivemind posted in Threat Bulletin, Ransomware, INC, Vice Society
Verticals Targeted: Healthcare
Executive Summary
Vice Society was recently observed using INC ransomware to target entities in the healthcare sector.
Cicada3301 Ransomware
Sep 20, 2024 11:04:36 AM / by The Hivemind posted in Threat Bulletin, Ransomware, BlackCat, ALPHV, Cicada3301
Related Families: ALPHV/BlackCat
Verticals Targeted: Construction, IT, Legal Services, Retail, Healthcare, Transportation, Telecommunications, Hospitality, Finance, Real Estate, Manufacturing
Executive Summary
Cicada3301 is a new ransomware as a service (RaaS) that uses sophisticated TTPs to target vulnerabilities within network infrastructures to deploy its ransomware attacks.
RansomHub
Sep 6, 2024 11:35:47 AM / by The Hivemind posted in Threat Bulletin, Ransomware, RansomHub, Knight
Related Families: Knight
Verticals Targeted: Healthcare, Financial, Auction House, Technology, Government
Executive Summary
RansomHub, a ransomware as a service (RaaS), is an offshoot of Knight and has quickly become one of the most active ransomware families in 2024.
Recent Ransomware Attacks on the Healthcare Vertical
Aug 19, 2024 12:54:46 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Disbuk, Rhysida, INC
Related Families: Rhysida, INC
Verticals Targeted: Healthcare
Executive Summary
Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.
BlackSuit Confirmed as Royal Ransomware Rebrand
Aug 12, 2024 2:08:09 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Royal, BlackSuit
Verticals Targeted: Critical Infrastructure, Healthcare, Government, Manufacturing
Executive Summary
BlackSuit is a ransomware family that targets both Windows and Linux systems. A recent joint advisory published by CISA and the FBI confirmed BlackSuit is a rebrand of Royal. The advisory also highlighted new BlackSuit ransomware activity.
Play Ransomware Linux Variant Discovered
Jul 26, 2024 3:02:38 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Play, ESXi
Executive Summary
A Linux variant of Play ransomware has been observed that is capable of targeting ESXi environments.
GhostLocker Ransomware
Jul 5, 2024 2:05:23 PM / by The Hivemind posted in Threat Bulletin, Ransomware, GhostLocker, GhostSec, Stormous
Verticals Targeted: Technology, Education, Manufacturing, Transportation, Government