Ransomware-as-a-Service

Investigating Qilin Ransomware Through Limited Endpoint Visibility

Blue-Team

Investigating Qilin Ransomware Through Limited Endpoint Visibility

When Huntress analysts investigated a Qilin ransomware attack with limited post-infection visibility, they demonstrated how meticulous forensic...

ShinySp1d3r: ShinyHunters’ New Ransomware-as-a-Service Threatens VMware ESXi Environments

Threat Intelligence

ShinySp1d3r: ShinyHunters’ New Ransomware-as-a-Service Threatens VMware ESXi Environments

An in-development build of a new ransomware-as-a-service platform named ShinySp1d3r has surfaced, signaling a strategic expansion for...

Dutch Police Dismantle Bulletproof Hosting Service in Major Operation Endgame Phase

News

Dutch Police Dismantle Bulletproof Hosting Service in Major Operation Endgame Phase

In a coordinated international law enforcement action, Dutch authorities have seized approximately 250 physical servers that powered...

Google’s RICO Lawsuit Targets Chinese Phishing-as-a-Service Operation

Cyber Laws & Regulations

Google’s RICO Lawsuit Targets Chinese Phishing-as-a-Service Operation

Google has initiated a significant legal action aimed at dismantling a sophisticated China-based cybercrime operation known as...

REvil Ransomware Members Released After Serving Time for Carding Charges

APT-News

REvil Ransomware Members Released After Serving Time for Carding Charges

Four members of the REvil ransomware group, arrested in January 2022, have been released by Russian authorities...

Anubis Ransomware Now Includes File-Wiping Module, Rendering Recovery Impossible

Malware Analysis

Anubis Ransomware Now Includes File-Wiping Module, Rendering Recovery Impossible

The Anubis ransomware-as-a-service (RaaS) operation has escalated its threat by integrating a wiper module into its malware,...

Darcula PhaaS: Technical Analysis of a Global SMS Phishing Operation

APT-News

Darcula PhaaS: Technical Analysis of a Global SMS Phishing Operation

The Darcula PhaaS (Phishing-as-a-Service) platform has emerged as one of the most sophisticated cybercrime operations of 2025,...

FBI and CISA Alert: Medusa Ransomware Targets Email and VPN Services

Threat Intelligence

FBI and CISA Alert: Medusa Ransomware Targets Email and VPN Services

The FBI and CISA have issued a joint advisory warning Gmail, Outlook, and VPN users about an...

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

Malware Analysis

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

The emergence of VanHelsing ransomware in March 2025 has raised significant concerns due to its ransomware-as-a-service (RaaS)...

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

Threat Intelligence

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing...

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

APT-News

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

A new ransomware-as-a-service (RaaS) operation dubbed “VanHelsing” has surfaced, targeting multiple operating systems and employing double extortion...

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

Threat Intelligence

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

The second week of March 2025 witnessed a surge in cybercriminal operations, marked by the emergence of...

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Malware Analysis

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Following an international law enforcement takedown of the RedLine Stealer malware-as-a-service (MaaS) operation in October 2024, ESET...

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

APT-News
Data Breach

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

The SolarWinds Orion compromise, disclosed in December 2020, remains one of the most significant cybersecurity incidents in...

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

Blue-Team
Exploitation

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

The National Cyber Security Centre (NCSC) has issued a warning about the increasing use of malicious software...

Ransomware-as-a-Service

Investigating Qilin Ransomware Through Limited Endpoint Visibility

ShinySp1d3r: ShinyHunters’ New Ransomware-as-a-Service Threatens VMware ESXi Environments

Dutch Police Dismantle Bulletproof Hosting Service in Major Operation Endgame Phase

REvil Ransomware Members Released After Serving Time for Carding Charges

Anubis Ransomware Now Includes File-Wiping Module, Rendering Recovery Impossible

FBI and CISA Alert: Medusa Ransomware Targets Email and VPN Services

VanHelsing Ransomware: Technical Analysis and Mitigation Strategies

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

VanHelsing RaaS Emerges: Double Extortion, Multi-OS Targeting, and $5K Entry Fee

Ransomware and Dark Web Threats Escalate in March 2025: New Extortion Tactics and Hacktivist Attacks

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

You may have missed

Dark Web Data Exposure: Technical Analysis and Response for Security Professionals

Misinformation as a Threat Vector: Lessons from the Brown University Shooting Investigation

Google’s Gmail Address Change: A New Vector for Account Takeover and Social Engineering

The AI Investment Surge in India: A Strategic Analysis for Security Leaders