LOCKBIT Black's Legacy: Unraveling The DragonForce Ransomware Connection - Cyble
CRIL investigates DragonForce Ransomware and its links to a leaked LOCKBIT Builder.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Akira Ransomware Extends Reach to Linux Platform
Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Unmasking the Darkrace Ransomware Gang
Cyble analyses Darkrace Ransomware, a new ransomware group shares similarities with infamous LockBit Ransomware.
Cyble — Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
CRIL analyzes AMOS, a stealthy new information stealer targeting macOS and disseminating stolen information via Telegram.
Cyble — Demystifying Money Message Ransomware
CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.
Cyble — New Cylance Ransomware with Power-Packed CommandLine Options
CRIL analyzes Cylance, a new Ransomware variant that uses command-line options to target both Windows and Linux users.
Cyble — Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide
Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.
Creal: New Stealer Targeting Cryptocurrency Users Via Phishing Sites
Open-Source Stealer Widely Abused by Threat Actors The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.
Wave of Arrests Hits Cybercriminals
Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.
The Growing Threat of ChatGPT-Based Phishing Attacks
Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.
Qakbot's Evolution Continues with New Strategies
Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide
Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
Pure coder offers multiple malware for sale in Darkweb forums
Italians Users Targeted By PureLogs Stealer Through Spam Campaigns
New Ransomware Strains Emerging from Leaked Conti’s Source Code
Cyble Research and Intelligence Labs analyzes multiple ransomware strains created based on leaked source code of Conti Ransomware.
Mallox Ransomware showing signs of Increased Activity
“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds the targeted company name as a file extension to the encrypted files. In September 2022, researchers identified a TargetCompany ransomware variant targeting Microsoft SQL servers and adding the “Fargo” extension to the encrypted files. TargetCompany ransomware is also known to add a “Mallox” extension after encrypting the files.
Multiple Organisations compromised by Critical Authentication Bypass Vulnerability in Fortinet Products (CVE-2022-40684)
Cyble Global Sensor Intelligence detects exploitation attempts of CVE-2022-40684, and CRIL observes Fortinet Access distribution in cybercrime forums.