Posts tagged Ransomware

14 min Ransomware

Exploring the (Not So) Secret Code of Black Hunt Ransomware

In this analysis we examined the BlackHunt sample shared on X (formerly Twitter). During our analysis we found notable similarities between BlackHunt ransomware and LockBit, which suggested that it uses leaked code of Lockbit. In addition, it uses some techniques similar to REvil ransomware.

4 min Ransomware

2023 Ransomware Stats: A Look Back To Plan Ahead

As we step into 2024, the first victims of ransomware attacks are already being reported. What can the 2023 ransomware stats tell us about the year that was, and how can we use them to plan for the year ahead?

6 min Ransomware

GhostLocker - A “Work In Progress” RaaS

GhostSec, has introduced a novel Ransom-as-a-Service encryptor known as GhostLocker.

3 min Ransomware

Ransomware-as-a-Service Cheat Sheet

Ransomware-as-a-Service, or RaaS, has taken the threat landscape by storm. Learn how to protect your organization against RaaS attacks.

2 min Research

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Rapid7 research has found that nearly 19,000 ESXi servers likely remain vulnerable to CVE-2021-21974, which is being exploited in the ESXiArgs campaign.

5 min Research

Evasion Techniques Uncovered: An Analysis of APT Methods

DLL search order hijacking and DLL sideloading are commonly used by nation state sponsored attackers to evade detection.

2 min Emergent Threat Response

Ransomware Campaign Compromising VMware ESXi Servers

Hosting provider OVH and French CERT has issued a warning about a ransomware campaign that appears to be using CVE-2021-21974 to target VMware ESXi servers.

18 min Ransomware

Increasing The Sting of HIVE Ransomware

Recently, Rapid7 observed a malicious actor performing several new techniques for increasing the impact of HIVE ransomware a victim’s environment.

3 min Vulnerability Management

The 2022 SANS Top New Attacks and Threats Report Is In, and It's Required Reading

The latest Top New Attacks and Threat Report from the cybersecurity experts at SANS is here — and the findings are critical for security teams.

6 min Ransomware

Architecting for Extortion: Acting on the IST’s Blueprint for Ransomware Defense

Last month, the Institute for Security and Technology’s Ransomware Task Force launched the Blueprint for Ransomware Defense.

3 min Ransomware

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Our research shows the "market share" of ransomware groups and how much they focused on different types of data.

3 min Ransomware

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

We found customer data in the overwhelming majority of data disclosures from ransomware attacks against the financial services industry.

3 min Ransomware

For Ransomware Double-Extorters, It's All About the Benjamins — and Data From Healthcare and Pharma

When it comes to ransomware in healthcare and pharma, there are some notable similarities that set them apart from other industries.

4 min Ransomware

New Report Shows What Data Is Most at Risk to (and Prized by) Ransomware Attackers

"Pain Points: Ransomware Data Disclosure Trends" reveals a story of how ransomware attackers think, what they value, and how they apply pressure.

3 min Ransomware

Complimentary GartnerⓇ Report "How to Respond to the 2022 Cyberthreat Landscape": Ransomware Edition

The complimentary GartnerⓇ report “How to Respond to the 2022 Cyberthreat Landscape"will help you understand and defend against the ransomware threat.