Ransomware review: September 2024 In August, we recorded a total of 442 ransomware victims, the second-most all year. 2 minutes
New RansomHub attack uses TDSSKiller and LaZagne, disables EDR The attack signals a new shift in RansomHub's arsenal of tools. 3 minutes
Lowe’s employees targeted in new malvertising campaign In August, Lowe's employees were the subject of a targeted campaign using fake ads and websites. 1 minute
Rise of Atomic Stealer signals a sea change in macOS malware Atomic Stealer is the most popular malware-as-a-service on macOS because of highly active affiliate-driven distribution campaigns and constant feature upgrades. 4 minutes
New phishing campaign uses Discord for payload delivery A new phishing campaign uses two Discord CDN's to host malicious executables. 3 minutes
Ransomware review: July 2024 In June, LockBit said it breached the Federal Reserve and Black Basta was seen exploiting a Windows zero-day. 3 minutes
WorkersDevBackdoor and MadMxShell converge in malvertising campaigns Two different backdoors might share more connections than previously thought 7 minutes
How the world’s worst ransomware gang avoids detection Look at a real example of how LockBit used LOTL techniques on a ThreatDown MDR client. 4 minutes
From weeks to hours: Why ransomware attacks are getting quicker Businesses will need to adapt as ransomware gangs take less time to steal and encrypt data than ever before. 4 minutes