Verticals Targeted: Technology, Education, Manufacturing, Transportation, Government
Executive Summary
GhostLocker, a ransomware family that has been in the wild since late 2023, is now under new management. Stormous, the new GhostLocker operators, have stated they are updating the program and will offer some ransomware services for free.
Related Families: Knight
Verticals Targeted: Healthcare, Financial, Auction House, Technology, Government
Executive Summary
RansomHub, a ransomware as a service (RaaS), is an offshoot of Knight and has quickly become one of the most active ransomware families in 2024.
Verticals Targeted: Healthcare, Finance, Government, Manufacturing, Education, Information Technology, Retail, Transportation, Utilities, Telecommunications
Executive Summary
A new Linux variant of TargetCompany ransomware was recently discovered that uses a custom shell script to deliver and execute payloads in ESXi environments.
Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare
Executive Summary
CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.
Related Families: Effluence
Executive Summary
A Linux variant of Cerber ransomware was observed exploiting CVE-2023-22518, a vulnerability affecting Atlassian Confluence.
Verticals Targeted: Government, Healthcare
Executive Summary
INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.
Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance