Cactus dukkede op i marts i år og har siden opbygget en omfattende portefølje af højt profilerede ofre. Logpoint har analyseret gruppens taktikker, teknikker og procedurer (TTP'er) samt indikatorer for kompromittering (IoC'er) for at etablere effektive forsvar.
Cactus emerged in March this year and has since built an extensive portfolio of high-profile victims.
Logpoint has analyzed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) to establish defenses.
COPENHAGEN, Denmark, November 27, 2023 – Cactus has emerged as a sophisticated ransomware group with a severe impact on its victims. The newcomer first appeared in March
Den berygtede statsstøttede APT-gruppe (Advanced Persistent Threat) med forbindelse til Rusland er stadig aktiv og udgør en alvorlig trussel mod organisationer. Logpoint har analyseret gruppens taktikker, teknikker og procedurer (TTP'er) for at hjælpe organisationer med at opdage trusselaktøren og minimere truslen.
The infamous state-sponsored Advanced Persistent Threat (APT) linked to Russia remains active, posing a severe threat to organizations. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs), helping organizations detect the threat actor.
Emerging in March this year, Akira quickly joined the most active ransomware groups as number four. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise IoCs enabling protection.
8base er blandt de 5 mest aktive ransomware-grupper denne sommer og Logpoint har offentliggjort TTP'er (Tactics, Techniques, & Procedures) og IoC'er (Indicators of Compromise) knyttet til gruppen.
8base is among the top 5 ransomware groups this summer, and Logpoint has uncovered the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise IoCs to look out for.
Logpoint research reveals what organizations should monitor for to safeguard against the rapid increase in royal ransomware attacks. The Royal ransomware group has leaked data of more than 60 victims since November 2022.
Logpoint research reveals that Emotet has developed into a Loader-as-a-Service - a dropper of other malware. Logpoint recommends looking out for its common TTPs, IoCs, and malicious macros to detect Emotet.
Logpoint research reveals that BlackCat has the fourth-highest number of victims in the last six months. BlackCat uses its public leak site to intimidate victims, where anyone can easily search and access the leaked victim information.
Logpoint Global Services has researched the banking trojan IcedID, which has developed into a gateway for more sophisticated attacks. IcedID leverage legitimate infrastructure like contact forms and email to deliver fake legal threats or spoofed invoices.
New Logpoint study unfolds the ransomware threat landscape in the wake of the LockBit 3.0 launch in June 2022. LockBit 3.0 introduces new unique services such as automatic data exfiltration and the world’s first ransomware bug-bounty program.
A new Logpoint study reveals that the latest QakBot malware version is heavily used in malspam campaigns by notorious ransomware gangs. The new QakBot emergence uses multiple, simple yet effective defense evasion techniques against static detection methods.
The Log4Shell vulnerability is serious – it’s difficult to detect, used in lots and lots of software, and is the perfect vehicle to get malware into your network. There’s no one cyber tool that can protect your enterprise against Log4Shell. A combination of tools and a defense-in-depth mindset will give organizations the ability to detect post-compromise activity and stop the attack.
By LogPoint CTO Christian Have
Ransomware attacks are becoming increasingly devastating to companies. Not only do they inflict massive disruptions to operations, but criminals are also asking for ever-larger ransoms to unlock the encrypted files and machines hit by the attacks.
Throughout the last months, state-sponsored ransomware attacks inflicting damage on critical infrastructure have d