What's new around the internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| RedTeam.pl | 2020-06-12 21:35:46 | Black Kingdom ransomware (TTPs & IOC) (direct link) | We would like to share with the community the following TTPs and IOC related to Black Kingdom ransomware and threat actors using it. Attackers gained initial access to the infrastructure via Pulse Secure VPN vulnerability [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11510]. For persistence they use a scheduled task [https://attack.mitre.org/techniques/T1053/]. Task name is GoogleUpdateTaskMachineUSA, which resembles a legitimate task of | Ransomware, Vulnerability, Threat | | |
| RedTeam.pl | 2020-05-20 13:43:15 | Sodinokibi / REvil / Maze ransomware (TTPs & IOC) (direct link) | We secured forensics evidence data in the form of disk images of VPS servers used by cybercriminals behind Sodinokibi / REvil ransomware (we also found Maze ransomware there): decryptor.ccdnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion | Ransomware, Vulnerability | | |
Last update at: 2024-05-31 21:10:33