Related Families: NewsTerminal, OfficeFuel, FuelDump, Gorble
Verticals Targeted: Government, Military, Education, Aerospace
Related Families: Rhysida, INC
Verticals Targeted: Healthcare
Executive Summary
Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.
Verticals Targeted: Critical Infrastructure, Healthcare, Government, Manufacturing
Executive Summary
BlackSuit is a ransomware family that targets both Windows and Linux systems. A recent joint advisory published by CISA and the FBI confirmed BlackSuit is a rebrand of Royal. The advisory also highlighted new BlackSuit ransomware activity.
Verticals Targeted: Government
Executive Summary
BitSloth is a recently discovered Windows backdoor that uses a built-in feature called Background Intelligent Transfer Service (BITS) for C2.
Executive Summary
A new version of Mandrake Android spyware was observed being distributed by multiple Android APKs on the Google Play store earlier this year.
Related Families: Dtrack, Dora RAT, TigerRAT, SmallTiger, LightHand, ValidAlpha
Verticals Targeted: Military, Defense, Engineering, Technology, Education, Construction, Manufacturing, Gambling, Energy
Executive Summary
Last week, the US Department of Justice (DOJ) indicted Rim Jong Hyok, an individual allegedly affiliated with Silent Chollima. The group has been active since at least 2014 and is known to conduct espionage operations on behalf of North Korea.
Related Families: Macma, Suzafk
Verticals Targeted: NGO
Executive Summary
Evasive Panda recently updated its arsenal to include new TTPs and updated versions of existing malware. They were also observed using a shared framework for malware targeting Windows, Linux, MacOS, and Android systems.
