Tag: #Threat Intelligence
32 published stories tagged with Threat Intelligence.
Brief: Trigona ransomware uses custom exfiltration tooling
Recent ransomware reporting said Trigona operators used a custom exfiltration tool. The key defender action is to monitor data staging, unusual archive creation, and outbound trans
Defender Guidance: Trigona ransomware uses custom exfiltration tooling
Recent ransomware reporting said Trigona operators used a custom exfiltration tool. The key defender action is to monitor data staging, unusual archive creation, and outbound trans
Detection Notes: Trigona ransomware uses custom exfiltration tooling
Recent ransomware reporting said Trigona operators used a custom exfiltration tool. The key defender action is to monitor data staging, unusual archive creation, and outbound trans
Risk Brief: Trigona ransomware uses custom exfiltration tooling
Recent ransomware reporting said Trigona operators used a custom exfiltration tool. The key defender action is to monitor data staging, unusual archive creation, and outbound trans
Brief: Kyber ransomware adopts post-quantum-themed encryption claims
BleepingComputer reported that Kyber ransomware uses Kyber1024 post-quantum encryption. The practical risk remains ransomware resilience and recovery, not speculative quantum impac
Defender Guidance: Kyber ransomware adopts post-quantum-themed encryption claims
BleepingComputer reported that Kyber ransomware uses Kyber1024 post-quantum encryption. The practical risk remains ransomware resilience and recovery, not speculative quantum impac
Detection Notes: Kyber ransomware adopts post-quantum-themed encryption claims
BleepingComputer reported that Kyber ransomware uses Kyber1024 post-quantum encryption. The practical risk remains ransomware resilience and recovery, not speculative quantum impac
Risk Brief: Kyber ransomware adopts post-quantum-themed encryption claims
BleepingComputer reported that Kyber ransomware uses Kyber1024 post-quantum encryption. The practical risk remains ransomware resilience and recovery, not speculative quantum impac
Brief: Gentlemen ransomware uses SystemBC botnet infrastructure
Ransomware reporting connected Gentlemen ransomware activity with the SystemBC botnet. Defenders should watch for proxy malware, suspicious persistence, and command-and-control beh
Defender Guidance: Gentlemen ransomware uses SystemBC botnet infrastructure
Ransomware reporting connected Gentlemen ransomware activity with the SystemBC botnet. Defenders should watch for proxy malware, suspicious persistence, and command-and-control beh
Detection Notes: Gentlemen ransomware uses SystemBC botnet infrastructure
Ransomware reporting connected Gentlemen ransomware activity with the SystemBC botnet. Defenders should watch for proxy malware, suspicious persistence, and command-and-control beh
Risk Brief: Gentlemen ransomware uses SystemBC botnet infrastructure
Ransomware reporting connected Gentlemen ransomware activity with the SystemBC botnet. Defenders should watch for proxy malware, suspicious persistence, and command-and-control beh
Brief: Ransomware groups leak each other’s data amid cybercrime disputes
Dark Reading reported disputes between ransomware groups resulting in leaked data. The incident shows that cybercrime ecosystems are unstable, but it does not reduce risk to victim
Defender Guidance: Ransomware groups leak each other’s data amid cybercrime disputes
Dark Reading reported disputes between ransomware groups resulting in leaked data. The incident shows that cybercrime ecosystems are unstable, but it does not reduce risk to victim
Detection Notes: Ransomware groups leak each other’s data amid cybercrime disputes
Dark Reading reported disputes between ransomware groups resulting in leaked data. The incident shows that cybercrime ecosystems are unstable, but it does not reduce risk to victim
Risk Brief: Ransomware groups leak each other’s data amid cybercrime disputes
Dark Reading reported disputes between ransomware groups resulting in leaked data. The incident shows that cybercrime ecosystems are unstable, but it does not reduce risk to victim
Brief: BreachForums breach exposes hundreds of thousands of cybercriminal accounts
Dark Reading reported that a BreachForums breach exposed 324,000 cybercriminals. The incident is useful for threat intelligence but should not be overstated beyond the source summa
Defender Guidance: BreachForums breach exposes hundreds of thousands of cybercriminal accounts
Dark Reading reported that a BreachForums breach exposed 324,000 cybercriminals. The incident is useful for threat intelligence but should not be overstated beyond the source summa
Detection Notes: BreachForums breach exposes hundreds of thousands of cybercriminal accounts
Dark Reading reported that a BreachForums breach exposed 324,000 cybercriminals. The incident is useful for threat intelligence but should not be overstated beyond the source summa
Risk Brief: BreachForums breach exposes hundreds of thousands of cybercriminal accounts
Dark Reading reported that a BreachForums breach exposed 324,000 cybercriminals. The incident is useful for threat intelligence but should not be overstated beyond the source summa
Brief: DDoSia hacktivist attacks continue to shape disruption risk
Dark Reading reported DDoSia hacktivist activity. Defenders should prepare DDoS runbooks, traffic baselines, and provider escalation paths.
Defender Guidance: DDoSia hacktivist attacks continue to shape disruption risk
Dark Reading reported DDoSia hacktivist activity. Defenders should prepare DDoS runbooks, traffic baselines, and provider escalation paths.
Detection Notes: DDoSia hacktivist attacks continue to shape disruption risk
Dark Reading reported DDoSia hacktivist activity. Defenders should prepare DDoS runbooks, traffic baselines, and provider escalation paths.
Risk Brief: DDoSia hacktivist attacks continue to shape disruption risk
Dark Reading reported DDoSia hacktivist activity. Defenders should prepare DDoS runbooks, traffic baselines, and provider escalation paths.
Brief: Sednit activity resurfaces in recent threat reporting
Dark Reading reported renewed Sednit activity. Organizations in likely target sectors should validate phishing controls, endpoint visibility, and incident escalation.
Defender Guidance: Sednit activity resurfaces in recent threat reporting
Dark Reading reported renewed Sednit activity. Organizations in likely target sectors should validate phishing controls, endpoint visibility, and incident escalation.
Detection Notes: Sednit activity resurfaces in recent threat reporting
Dark Reading reported renewed Sednit activity. Organizations in likely target sectors should validate phishing controls, endpoint visibility, and incident escalation.
Risk Brief: Sednit activity resurfaces in recent threat reporting
Dark Reading reported renewed Sednit activity. Organizations in likely target sectors should validate phishing controls, endpoint visibility, and incident escalation.
Brief: Venezuela military operation faces reported cyberattack
Dark Reading reported cyberattack activity tied to a Venezuela military operation. The source listing supports a regional threat-intelligence brief without technical overclaiming.
Defender Guidance: Venezuela military operation faces reported cyberattack
Dark Reading reported cyberattack activity tied to a Venezuela military operation. The source listing supports a regional threat-intelligence brief without technical overclaiming.
Detection Notes: Venezuela military operation faces reported cyberattack
Dark Reading reported cyberattack activity tied to a Venezuela military operation. The source listing supports a regional threat-intelligence brief without technical overclaiming.
Risk Brief: Venezuela military operation faces reported cyberattack
Dark Reading reported cyberattack activity tied to a Venezuela military operation. The source listing supports a regional threat-intelligence brief without technical overclaiming.