New phishing campaign uses Discord for payload delivery
A new phishing campaign uses two Discord CDN's to host malicious executables.
3 minutes
Threat Intelligence
Ransomware review: July 2024
In June, LockBit said it breached the Federal Reserve and Black Basta was seen exploiting a Windows zero-day.
3 minutes
WorkersDevBackdoor and MadMxShell converge in malvertising campaigns
Two different backdoors might share more connections than previously thought
7 minutes
How the world’s worst ransomware gang avoids detection
Look at a real example of how LockBit used LOTL techniques on a ThreatDown MDR client.
4 minutes
From weeks to hours: Why ransomware attacks are getting quicker
Businesses will need to adapt as ransomware gangs take less time to steal and encrypt data than ever before.
4 minutes
Ransomware review: June 2024, a year-high 470 attacks recorded
In May, we recorded a total of 470 known ransomware attacks, including some sickening attacks on healthcare.
4 minutes
Why complexity has become a security issue
A new ebook from ThreatDown lifts the lid on the negative effects of complexity in the security environment, and what…
2 minutes
A peek inside a malvertising campaign
We look at the tools and services threat actors are using and abusing to distribute malware via online ads.
5 minutes
Ransomware review: May 2024
April was the second most active month of 2024 as ransomware groups positioned themselves to take over from LockBit and…
3 minutes
