RaaS
‘Darcula’ PhaaS Campaign Sinks Fangs into Victims
A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 ...
Security Boulevard
RaaS Groups Go Recruiting in Wake of LockBit, BlackCat Takedowns
The effects of the recent high-profile disruptions of LockBit’s and BlackCat ransomware operations by law enforcement agencies are rippling through the dark web, with smaller threat gangs looking to scoop up the ...
Security Boulevard
GootLoader: Unloaded
Madison Steel | | AttackIQ Flex, GootLoader, IAaaS, Initial-Access-as-a-Service, RaaS, ransomware as a service
GootLoader, a stealthy JavaScript-based downloader, has posed a persistent threat to Windows-based systems since 2020. In this article, we'll delve into who Gootloader is and how organizations can effectively emulate and test ...
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks
U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service (RaaS) group and developed a decryption tool that will help more than 500 victims regain ...
Security Boulevard
Making Sense of the 2023 Ransomware Landscape
Understanding the current ransomware landscape is the first step to helping defenders protect their organizations ...
Security Boulevard
Threat Groups Accelerating the Use of Dual Ransomware Attacks
Ransomware groups are shrinking the time between attacks on the same victim, sometimes targeting the same company twice within 48 hours using different malware variants, according to the FBI. In a notice ...
Security Boulevard
Zero-Day Flaws an Evolving Weapon in Ransomware Groups’ Arsenals
Ransomware gangs have for years gotten their malicious payloads into targeted systems primarily through phishing attacks or being dropped as a secondary payload from command-and-control frameworks. That is changing, according to researchers ...
Security Boulevard
Cloud Providers Becoming Key Players in Ransomware, Halcyon Warns
There are a number of components that make up a ransomware campaign, from the initial access brokers (IABs) to ransomware-as-a-service (RaaS) affiliates to organizations that launder cryptocurrency from the ransom payments. A ...
Security Boulevard
The Seven Phases of a Ransomware Attack: A Step-by-Step Breakdown of the Attack Lifecycle
Understanding the anatomy of a ransomware attack empowers security teams to strengthen defenses, reduce the risk of successful attacks, and protect organizations from the serious consequences of a ransomware incident. The post ...
Ransomware Closed 2022 With a Bang, Fueled by RaaS
It comes as no surprise that, as last year came to a close, Microsoft was tracking more than 50 unique active ransomware families and more than 100 threat actors that were using ...
Security Boulevard