Crimeware

Crimeware vendors say 'macros are dead', but they have a new weapon to help threat actors successfully deploy malware.

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

Jim Walter / July 21, 2022

The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.

Crimeware

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

James Haughom / April 27, 2022

Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging legitimate VMware logging command line utility.

Crimeware

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Antonis Terefos / April 21, 2022

Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.

Crimeware

Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp

Antonio Pirozzi / February 23, 2022

What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?

Crimeware

BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims

Jim Walter / January 18, 2022

With victims in the US, Australia and India, BlackCat is a new RaaS making a big impact. Learn more about this unique ransomware's behavior and IoCs.

Crimeware

New Rook Ransomware Feeds Off the Code of Babuk

Jim Walter / December 23, 2021

Scavenging code leaked from Babuk, Rook's first victim was a bank and the theft of 1123 GB of data. Learn more about this new ransomware operator.

Crimeware

Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t

Jim Walter / October 28, 2021

New ransomware operator publishes victim details even if they pay. Our technical analysis shows how Spook is connected to other well-known malware families.

Crimeware

Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree

Antonis Terefos / October 18, 2021

Exploring the links between Karma and other well-known malware families such as NEMTY and JSWorm, we find further IoCs and an evolving threat.

Category

Crimeware

Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp

BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims

New Rook Ransomware Feeds Off the Code of Babuk

Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t

Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree

Category

Crimeware

Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp

BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims

New Rook Ransomware Feeds Off the Code of Babuk

Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t

Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree