Verticals Targeted: Financial
Related Families: ALPHV/BlackCat
Verticals Targeted: Construction, IT, Legal Services, Retail, Healthcare, Transportation, Telecommunications, Hospitality, Finance, Real Estate, Manufacturing
Executive Summary
Cicada3301 is a new ransomware as a service (RaaS) that uses sophisticated TTPs to target vulnerabilities within network infrastructures to deploy its ransomware attacks.
Executive Summary
A new Lumma C2 variant that leverages PowerShell was recently observed. The new variant’s attack chain masquerades as CAPTCHA and actively exploits PowerShell commands.
Executive Summary
A MacOS variant of HZ Rat was recently discovered targeting messaging apps in China. HZ Rat is a basic backdoor, and shell commands received from the C2 provide additional functionality.
Verticals Targeted: Insurance, Aerospace, Transportation, Education, Finance, Technology, Healthcare, Automotive, Hospitality, Energy, Government, Media, Manufacturing, Telecommunications
Executive Summary
An espionage campaign delivering the Voldemort backdoor was recently observed targeting over 70 organizations. The campaign uses a novel attack chain to deliver the malware, leveraging Google Sheets for command and control (C2).
Related Families: Knight
Verticals Targeted: Healthcare, Financial, Auction House, Technology, Government
Executive Summary
RansomHub, a ransomware as a service (RaaS), is an offshoot of Knight and has quickly become one of the most active ransomware families in 2024.
Related Families: Atomic Stealer
Executive Summary
Cthulhu is a stealer malware targeting MacOS systems. First observed in 2023, this malware-as-a-service (MaaS) is capable of targeting both x86_64 and ARM architectures.
Verticals Targeted: Software Development