Double extortion possible: Cybercriminals at odds | heise online https://www.heise.de/news/Doppelte-Erpressung-moeglich-Cyberkriminelle-im-Clinch-10477705.html #CyberCrime #Ransomware #Malware #DragonForce #RansomHub
“No honor among thieves”: M&S hacking group starts turf war
https://arstechnica.com/security/2025/07/no-honor-among-thieves-ms-hacking-group-starts-turf-war/
#cybercrime #Harrods #CoOp #MarksAndSpencer #DragonForce #RansomHub #privacy #cybersecurity #ransomware
Happy Monday everyone and what a way to start it!
I encourage you to read the latest report from The DFIR Report where they document an attack that started with a "password spray attack against an exposed RDP server" and ended in the #RansomHub ransomware strain being deployed in the victim's environment and spread over SMB.
I am going to forgo the brief summary because I truly believe these reports need to be read by you! But a bunch of LOLBINs were leveraged, including PowerShell and Windows Command Shell, of course RDP connections, Mimikatz, the Advanced IP Scanner, and many more! One behavior I will point out is that Persistence was gained by the actors deploying the legitimate RMM tools AteraAgent and Splashtop and then creating services to run them!
This is another great example of an extremely thorough report and I hope you enjoy it as much as I do! Enjoy and Happy Hunting!
Hide Your RDP: Password Spray Leads to RansomHub Deployment
https://thedfirreport.com/2025/06/30/hide-your-rdp-password-spray-leads-to-ransomhub-deployment/
Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
Ransomware Gangs Collapse as Qilin Seizes Control
#RansomHub #LockBit #Everest #DragonForce #QilinGroup
https://www.cybereason.com/blog/threat-alert-qilin-seizes-control
RansomHub, a ransomware-as-a-service (RaaS) operation, ranks as one of the most prolific cybercriminal groups investigated by Group-IB this year.
#RansomHub #ransomware #cybercrime #cybersecurity
https://cnews.link/cybercriminal-group-face-stealing-malware-1/
“From #RansomHub to #Qilin”: possible light shed on a partnership or a migration of the #ransomware to other cyber groups!
IP cluster linking ransomware activity and Eye Pyramid C2
#EyePyramid #RansomHub #Rhysida #ViceSociety
https://www.intrinsec.com/wp-content/uploads/2025/04/TLP-CLEAR-IP-cluster-linking-ransomware-activity-and-Eye-Pyramid-C2-EN.pdf
#ransomhub, one of the most prolific #ransomware groups over the past year, appears to have gone dark.
https://thehackernews.com/2025/04/ransomhub-went-dark-april-1-affiliates.html
DragonForce claims to have absorbed the dark web ransomware gang RansomHub
#DragonForce #RansomHub #勒索软件团伙
https://www.anwangxia.com/4051.html
Cybercrime alarm around the world. Hacker attacks are booming worldwide. The groups engaged in cybercrime are becoming increasingly organized: real companies in their own right. And watch out for cryptocurrencies.
Cybercrime alarm: in the second half of 2024, a notable increase in cyberattacks was recorded...
#attacchihacker #criminalitàinformatica #DragonForce #intelligenzaartificiale #RansomHub #Ransomware
https://scienzamagia.eu/misteri-ufo/allarme-cybercrime-in-tutto-il-mondo/
Shifting the sands of RansomHub’s EDRKillShifter
#EDRKillShifter #MedusaRansomware #PLAY #BianLian #RansomHub
https://www.welivesecurity.com/en/eset-research/shifting-sands-ransomhub-edrkillshifter/
Ransomware: DragonForce reaches out to RansomHub
https://www.lemagit.fr/actualites/366622143/Ransomware-DragonForce-tend-la-main-a-RansomHub
#Infosec #Security #Cybersecurity #CeptBiro #Ransomware #DragonForce #RansomHub
It is dizzying to see the level of organization of these #RaaS (#ransomware services). Thanks to the people at @ESETresearch for giving us their report on #ransomHub and the #EDR killers: https://www.welivesecurity.com/es/investigaciones/edrkillshifter-ransomhub-grupos-rivales/
This week's podcast episode goes through the extortion of Sportadmin from start to finish. The intrusion led to Sweden's largest extortion-related data leak. https://www.youtube.com/watch?v=wO9pXg-Ih9g
Cyberattack Forces Shutdown at Lower Sioux Casino in Minnesota #TribalGovernment #Casino #GamingIndustry #Cyberattack #Ransomware #RansomHub #Minnesota https://dysruptionhub.com/jackpot-junction-cyberattack-minnesota/
🇸🇻 The ransomware group RansomHub published Solventa’s data. Among the files are documents from the Salvadoran Social Security Institute (ISSS) containing employees’ personal and medical information. #PII #PHI
🔗 https://www.security-chu.com/2025/04/ransomhub-informacion-robada-solventa-El-Salvador.html
If you are an employee, former employee, or client, your data is on the Dark Web and could be used by scammers to contact you
#Elsalvador #ransomware #ransomhub #databreach #cybersecurity #ciberseguridad #LATAM #dataprotection #noticias #news
New post from #Ransomhub : Europtec.Com
More at : https://www.ransomlook.io/group/Ransomhub #Ransomware
New post from #Ransomhub : Intellioan.Com
More at : https://www.ransomlook.io/group/Ransomhub #Ransomware
New post from #Ransomhub : Delta-Life.Com
More at : https://www.ransomlook.io/group/Ransomhub #Ransomware
New post from #Ransomhub : Jackpotjunction.Com
More at : https://www.ransomlook.io/group/Ransomhub #Ransomware