FIN7 AvNeuralizer Ftr

FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks

This research explores how FIN7 has adopted automated attack methods and developed defense evasion techniques previously unseen in the wild.

Read More
Custom Branded Ransomware The Vice Society Group And The Threat Of Outsourced Development 3

Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development

New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.

Read More
Black Basta Feature

Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor

Black Basta operational TTPs are described here in full detail, revealing previously unknown tools and techniques and a link to FIN7.

Read More
Copy Of Relaying Potatoes  DCE RPC NTLM Relay EOP 7

Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol

A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there’s no patch in sight.

Read More