INC
October 29, 2024
INC ransomware was first detected in July 2023, but has already released new versions: one that targets Linux computers and an update on their Windows variant. The ransomware has been observed to exploit CVE-2023-3519 and uses HackTool.Win32.ProcTerminator.A for defense evasion and HackTool.PS1.VeeamCreds for credential access in its different attack chains.
Read moreRansomware Spotlight
- 07 mai 2024The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.
- 25 avril 2024Despite positioning themselves as penetration testers, 8Base ransomware threat actors profit off their victims that are significantly comprised of small businesses. In this feature, we investigate how the gang operates to gain insights on how organizations can protect systems better from compromises that could result in financial loss.
- 21 février 2024The threat actors behind the Rhysida ransomware targeted multiple industries by posing as a cybersecurity team that offered to help its victims identify security weaknesses in their networks and systems. Although the group’s activity was first observed back in May 2023, its leak site was established as early as March 2023. Like other ransomware groups, it employs double extortion tactics to pressure its victims into paying a ransom demand in Bitcoin.
- 15 mars 2023Backed by threat actors from Conti, Royal ransomware is poised to wreak havoc in the threat landscape, starting strong by taking a spot among the most prolific ransomware groups within three months since it was first reported. Combining new and old techniques and quick evolution, it is likely to remain a big player in the threat landscape in the future.
- 26 janvier 2023The Magniber ransomware initially targeted only Asian countries when it was first detected in 2017. However, it resurfaced in 2021 and continues to operate today with expanded targets around the globe. Magniber remains a significant player in the threat landscape, with malicious attackers likely to continue using the ransomware in future.