Skip to Content

Tag: Ransomware

Ransomware Report: Q4 2022

Ransomware activity stayed at steady levels throughout 2022’s fourth quarter (Q4 2022). Since we bid farewell to ever-present groups like Conti, the world of ransomware has remained a game of whack-a-mole: For every group that disappears, there are always several waiting in the shadows to replace it. One major development was the use of ransomware […]

APT Spotlight: Sandworm

Editor’s note: This blog was written by our teammates at Digital Shadows (now ReliaQuest). This blog is a deeper dive into advanced persistent threat (APT) groups. We aim to demystify APT groups around the world, including their motives, dynamics, and some of their tactics, techniques, and procedures (TTPs). What does APT stand for in cybersecurity? […]

The Top Ransomware Trends to Watch Out for in 2023

Ransomware attacks have seen a steep increase this year, 13% more than in 2021, and they’re not expected to slow down anytime soon. With that in mind, let’s take a look at the top ransomware trends you should be keeping an eye on as we move into 2023. Here’s what you need to know about […]

2023 Cyber Threat Predictions

As we move towards the end of 2022, now is the time to take a look back at the major trends from the last eleven months and identify what might happen from a cyber threat perspective in 2023. 2022 will likely be remembered for several reasons; notably the Russian invasion of Ukraine, the world recovering […]

Ransomware In Q3 2022

Ransomware activity decreased in the third quarter of 2022 (Q3 2022), as actors regrouped and refocused after a busy start to the year. Despite this, attacks on high-profile targets—as well as potentially politically motivated attacks—kept our eyes on ransomware this quarter. New tools and techniques emerged, while older tools resurfaced or were repurposed by ransomware […]

Dark Web Recruitment: How Ransomware Groups Hire Cybercriminal Talent

As we observed in a recent blog on ransomware franchising, ransomware groups often behave like legitimate companies. Large or small, each group needs a certain number of capable employees to cover all the functions of a ransomware operation. A group may comprise multiple members specializing in malware development, reconnaissance, payload delivery, encryption, negotiation, cashing out, […]

Cyber threats to the 2022 Italian elections

  When Mario Draghi formed a national unity government in February 2021, Italy was busy attempting to limit the spread of the COVID-19 pandemic, in addition to developing a recovery and resilience plan (Piano Nazionale di Ripresa e Resilienza, or PNRR) to spend the EU recovery funds on. Additionally, Draghi positioned his government to react […]

How to Extend Microsoft’s Ransomware Protections

Microsoft recently released a report, Cyber Signals, detailing recent trends in the ransomware sphere, most notably the rise of the ransomware-as-a-service (RaaS) economy. RaaS groups, instead of doing the attacking themselves, are selling the toolkits and information necessary for other criminals to perform successful attacks. In light of these trends, Microsoft has suggested some preventive […]

Ransomware franchising: How do groups get started?

Getting started in any business is a tricky affair. While estimations may vary, it’s widely believed that around 9 in 10 startup businesses fail within the first ten years of their establishment. Having enough money to get started, getting the right employees in, and navigating global conditions can be enough to knock over even the […]

“Looking for pentesters”: How Forum Life Has Conformed to the Ransomware Ban

In mid-May 2021, the administrators of XSS and Exploit, two of the most prominent Russian-language cybercriminal forums, introduced a ban on ransomware-related content. This measure prohibited sales of ransomware variants, advertising ransomware rental schemes, and recruiting for ransomware affiliate programs. The forums also deleted historical content meeting those criteria. The site administrators feared greater scrutiny […]