#RansomHub

Just Another Blue Teamer LeeArchinal@ioc.exchange
2025-06-30

Happy Monday everyone and what a way to start it!

I encourage you to read the latest report from The DFIR Report where they document an attack that started with a "password spray attack against an exposed RDP server" and ended in the #RansomHub ransomware strain being deployed in the victim's environment and spread over SMB.

I am going to forgo the brief summary because I truly believe these reports need to be read by you! But a bunch of LOLBINs were leveraged, including PowerShell and Windows Command Shell, of course RDP connections, Mimikatz, the Advanced IP Scanner, and many more! One behavior I will point out is that Persistence was gained by the actors deploying the legitimate RMM tools AteraAgent and Splashtop and then creating services to run them!

This is another great example of an extremely thorough report and I hope you enjoy it as much as I do! Enjoy and Happy Hunting!

Hide Your RDP: Password Spray Leads to RansomHub Deployment
thedfirreport.com/2025/06/30/h

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

2025-05-13

RansomHub, a ransomware-as-a-service (RaaS) operation, ranks as one of the most prolific cybercriminal groups investigated by Group-IB this year.

#RansomHub #ransomware #cybercrime #cybersecurity

cnews.link/cybercriminal-group

🖱🛠👉👕👈 SOSOrdinet 🎣🖥️🐛 🗞️SOSOrdinet@social.targaryen.house
2025-05-07
2025-04-30

#ransomhub, one of the most prolific #ransomware groups over the past year, appears to have gone dark.

thehackernews.com/2025/04/rans

暗网下 anwangxia
2025-04-19

DragonForce claims to have absorbed the dark web ransomware gang RansomHub

anwangxia.com/4051.html

2025-04-12

Cybercrime alarm around the world. Hacker attacks are booming worldwide. The groups engaged in cybercrime are becoming increasingly organized: full-fledged companies. And watch out for cryptocurrencies.
Cybercrime is raising alarm: in the second half of 2024, there was a notable increase in cyber attacks...

#attacchihacker #criminalitàinformatica #DragonForce #intelligenzaartificiale #RansomHub #Ransomware

scienzamagia.eu/misteri-ufo/al

AI-generated: cybercrime, hacker attacks, phishing, cryptocurrencies
2025-04-04

It is dizzying to see the level of organization of these #RaaS (#ransomware services). Thanks to the folks at @ESETresearch for providing their report on #ransomHub and the #EDR killers: welivesecurity.com/es/investig

This week's podcast episode goes through the extortion of Sportadmin from start to finish. The intrusion led to Sweden's largest extortion-related data leak. youtube.com/watch?v=wO9pXg-Ih9

#BliSäker #Sportadmin #Ransomhub

Chum1ng0 - Security Research chum1ng0@infosec.exchange
2025-04-01

🇸🇻 The ransomware group RansomHub published Solventa’s data. Among the files are documents from the Salvadoran Social Security Institute (ISSS) containing employees’ personal and medical information. #PII #PHI

🔗 security-chu.com/2025/04/ranso

If you are an employee, former employee, or client, your data is on the Dark Web and could be used by scammers to contact you.

#Elsalvador #ransomware #ransomhub #databreach #cybersecurity #ciberseguridad #LATAM #dataprotection #noticias #news

2025-03-31
2025-03-31

New post from #Ransomhub : Intellioan.Com
More at : ransomlook.io/group/Ransomhub #Ransomware

2025-03-31

New post from #Ransomhub : Delta-Life.Com
More at : ransomlook.io/group/Ransomhub #Ransomware

2025-03-31

New post from #Ransomhub : Jackpotjunction.Com
More at : ransomlook.io/group/Ransomhub #Ransomware
