Sunday, May 18, 2025

Ransomware

UK Retail Chains Targeted by Ransomware Attackers Claiming Data Theft

A major ransomware campaign targeting UK retailers has escalated as hackers provided BBC News with evidence of extensive network infiltration and data theft from Co-op,...

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware has surfaced as a formidable threat in April 2025, targeting Windows systems across industries such as real estate, pharmaceuticals, and manufacturing. As...

NCSC Warns of Ransomware Attacks Targeting UK Organisations

The National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber attacks targeting UK retailers. These incidents have prompted concerns about...

RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists

SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace's...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising strategies. Recent investigations have uncovered a disturbingly effective method involving fake...

Researchers Uncovered RansomHub Operation and Its Relation With Qilin Ransomware

Security researchers have identified significant connections between two major ransomware-as-a-service (RaaS) operations, with evidence suggesting affiliates from the recently-disabled RansomHub group may have migrated...

RansomHub Ransomware Deploys Malware to Breach Corporate Networks

In early March 2025, eSentire’s Threat Response Unit (TRU) uncovered a sophisticated cyberattack leveraging SocGholish malware, also known as FakeUpdates, targeting corporate...

Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts

Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted at 194.48.154.79:80, believed to be operated by an affiliate of...