APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
The decline of big ransomware groups like Conti and REvil has given rise to smaller gangs, presenting a threat intelligence challenge.
The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates.
The tactics used by the Royal ransomware group allow for fast and stealthy encryption and share similarities with the defunct Conti group.
Rackspace Technology has acknowledged that a recent incident that took most of its Hosted Exchange email server business offline was the product of a ransomware attack.