Threat spotlight

Meet Exotic Lily, access broker for ransomware and other malware peddlers - Exotic Lily is the name given to a group of cybercriminals that specialized as an initial access broker, serving groups like Conti and Diavol ransomware.
Cyclops Blink malware: US and UK authorities issue alert - US and UK authorities have attributed the newly found malware Cyclops Blink to the Russian state-sponsored Sandworm group.
Threat spotlight: Conti, the ransomware used in the HSE healthcare attack - Conti ransomware has caught the world’s attention after being used in attacks against Ireland's public healthcare system.
PYSA, the ransomware attacking schools - PYSA is big game ransomware that's been used in targeted attacks against large private organizations, healthcare, and most recently, the education sector.
HelloKitty: When Cyberpunk met cy-purr-crime - HelloKitty was a relatively unheard-of ransomware family—until it became involved in an attack against the Polish video game developer, CD Projekt Red, in early February.
Threat profile: Egregor ransomware is making a name for itself - The Egregror ransomware is quickly making a name for itself by victimizing big corporations. How does it work and what is its background?
Threat spotlight: WastedLocker, customized ransomware - WastedLocker ransomware, attributed to the Russian Evil Corp gang, is such a targeted threat, you might call it a custom-built ransomware family.
Search hijackers change Chrome policy to remote administration - Search hijackers are always looking for ways to get and stay installed. Here is one that changed a Chrome policy and set it to remote administration.
Maze: the ransomware that introduced an extra twist - Maze ransomware attacks featured the first group of cyber-criminals to add the threat of publishing exfiltrated data to the ransomware business model

Select your language