Последние обновления
- 25 de апреля de 2024Despite positioning themselves as penetration testers, 8Base ransomware threat actors profit off their victims that are significantly comprised of small businesses. In this feature, we investigate how the gang operates to gain insights on how organizations can protect systems better from compromises that could result in financial loss.
- 17 de апреля de 2024Although a legitimate approach, sidecar containers can add even more complexity to Kubernetes (K8s) clusters, not only making it harder to manage but also to detect compromises. This article demonstrates that attackers can leverage the sidecar injection technique after compromising a K8s cluster to remain stealthy and avoid detection, and how to protect K8s clusters from this malicious activity.
- 27 de марта de 2024We cover the key trends that defined the ransomware threat landscape in the second half of 2023. Data from RaaS and extortion groups’ leak sites, open-source intelligence (OSINT) research, and the Trend Micro telemetry shows that LockBit, BlackCat, and Clop continued to rank among the active RaaS and extortion groups with the highest victim counts during this period.
- 21 de февраля de 2024The threat actors behind the Rhysida ransomware targeted multiple industries by posing as a cybersecurity team that offered to help its victims identify security weaknesses in their networks and systems. Although the group’s activity was first observed back in May 2023, its leak site was established as early as March 2023. Like other ransomware groups, it employs double extortion tactics to pressure its victims into paying a ransom demand in Bitcoin.