Threat Actor Profile: Scattered Spider
Scattered Spider, also known by other names like Octo Tempest, 0ktapus, and UNC3944, has emerged as a significant threat in the cybersecurity landscape. This ransomware gang is known for its…
161 reports
Scattered Spider, also known by other names like Octo Tempest, 0ktapus, and UNC3944, has emerged as a significant threat in the cybersecurity landscape. This ransomware gang is known for its…
The MGM Resorts International, a prominent player in the global hospitality and entertainment industry, experienced a devastating ransomware attack, orchestrated by the cybercriminal group…
JA3 hashes serve as unique fingerprints for SSL/TLS client-server communications, allowing for the identification of specific parameters used during the handshake process. This tool simplifies the…
The recent paper, " You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks " highlights the ongoing battle in cybersecurity between attackers' evasion tactics and the…
LummaC2, a notorious malware-as-a-service (MaaS), has developed sophisticated evasion techniques to circumvent security measures and exfiltrate sensitive data from compromised systems. The…
The NetSupport RAT has emerged as a significant cyber threat, exploiting legitimate remote administration tools for malicious purposes. This report provides an in-depth analysis of recent…
Recent academic research has uncovered a significant vulnerability in Secure Shell (SSH) servers, a widely used protocol for secure communication in tasks like remote system access, file…
APT29, a Russian hacker group, has strategically employed the CVE-2023-38831 vulnerability in WinRAR in a series of cyberattacks targeting embassies. Known for its various aliases, including Cozy…
The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit,…
In recent months, Citrix systems have faced significant cybersecurity challenges. The discovery of critical vulnerabilities, notably CVE-2023-4966 (Citrix Bleed) and CVE-2023-4967, has put…
Since February 2023, APT35, a notorious Iranian-backed threat actor, has been intensifying its cyber operations with a series of global password spray attacks. These attacks represent a strategic…
The need for a collective defense strategy is more critical than ever. The intricate nature of modern attacks calls for a unified approach, one that leverages shared cyber threat intelligence.…