
Categories: developing threats

  • Logpoint has compiled a report highlighting Cactus' TTPs and IoCs in order to create alert rules that can help identify whether the group's methods are in use.

    Cactus: Defense against a new ransomware threat

    Cactus emerged in March this year and has since built an extensive portfolio of high-profile victims. Logpoint has analyzed the group's tactics, techniques, and procedures (TTPs) as well as indicators of compromise (IoCs) to establish effective defenses.

  • Logpoint has collated a report highlighting the TTPs and IoCs applied by Cactus to create alert rules to detect methods the group uses

    Cactus: Defending against a ransomware newcomer

    Cactus emerged in March this year and has since built an extensive portfolio of high-profile victims. Logpoint has analyzed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) to establish defenses.
    COPENHAGEN, Denmark, November 27, 2023 – Cactus has emerged as a sophisticated ransomware group with a severe impact on its victims. The newcomer first appeared in March

  • Cozy Bear: Uncovering a notorious cyber group's arsenal

    Cozy Bear: Uncovering a notorious cyber group's arsenal

    The notorious state-sponsored APT (Advanced Persistent Threat) group linked to Russia is still active and poses a serious threat to organizations. Logpoint has analyzed the group's tactics, techniques, and procedures (TTPs) to help organizations detect the threat actor and minimize the threat.

  • The infamous state-sponsored Advanced Persistent Threat (APT) linked to Russia remains active, posing a severe threat to organizations

    Cozy Bear: Unmasking the decades-long espionage arsenal

    The infamous state-sponsored Advanced Persistent Threat (APT) linked to Russia remains active, posing a severe threat to organizations. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs), helping organizations detect the threat actor.

  • Akira: A new ransomware gang wreaks havoc

    Akira: A new ransomware gang wreaks havoc

    Emerging in March this year, Akira quickly joined the most active ransomware groups as number four. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs), enabling protection.

  • Hunting BlackCat: A ransomware family on the rise

    Hunting BlackCat: A ransomware family on the rise

    Logpoint research reveals that BlackCat has the fourth-highest number of victims in the last six months. BlackCat uses its public leak site to intimidate victims, where anyone can easily search and access the leaked victim information.

  • An old acquaintance resurfaces with new capabilities

    QakBOT: An old acquaintance resurfaces with new capabilities

    A new Logpoint study reveals that the latest QakBot malware version is heavily used in malspam campaigns by notorious ransomware gangs. The new QakBot emergence uses multiple, simple yet effective defense evasion techniques against static detection methods.

  • There’s no one cyber tool that can protect your enterprise against Log4Shell. A combination of tools and a defense-in-depth mindset will give organizations the ability to detect post-compromise activity and stop the attack.

    Tackling Log4Shell requires a defence-in-depth strategy

    The Log4Shell vulnerability is serious – it’s difficult to detect, used in lots and lots of software, and is the perfect vehicle to get malware into your network. There’s no one cyber tool that can protect your enterprise against Log4Shell. A combination of tools and a defense-in-depth mindset will give organizations the ability to detect post-compromise activity and stop the attack.

  • Fighting the ransomware war

    Fighting the ransomware war

    By LogPoint CTO Christian Have
    Ransomware attacks are becoming increasingly devastating to companies. Not only do they inflict massive disruptions to operations, but criminals are also asking for ever-larger ransoms to unlock the encrypted files and machines hit by the attacks.
    Throughout the last months, state-sponsored ransomware attacks inflicting damage on critical infrastructure have d