Threat Intelligence

Ransomware review: July 2024

In June, LockBit said it breached the Federal Reserve and Black Basta was seen exploiting a Windows zero-day.

3 minutes

WorkersDevBackdoor and MadMxShell converge in malvertising campaigns

Two different backdoors might share more connections than previously thought

7 minutes

How the world’s worst ransomware gang avoids detection

Look at a real example of how LockBit used LOTL techniques on a ThreatDown MDR client.

4 minutes

From weeks to hours: Why ransomware attacks are getting quicker

Businesses will need to adapt as ransomware gangs take less time to steal and encrypt data than ever before.

4 minutes

Ransomware review: June 2024, a year-high 470 attacks recorded

In May, we recorded a total of 470 known ransomware attacks, including some sickening attacks on healthcare.

4 minutes

Why complexity has become a security issue

A new ebook from ThreatDown lifts the lid on the negative effects of complexity in the security environment, and what…

2 minutes

Threat actors ride the hype for newly released Arc browser

4 minutes

A peek inside a malvertising campaign

We look at the tools and services threat actors are using and abusing to distribute malware via online ads.

5 minutes

Ransomware review: May 2024

April was the second most active month of 2024 as ransomware groups positioned themselves to take over from LockBit and…

3 minutes

Remote Monitoring and Management software used in phishing attacks

Threat Intelligence Team

3 minutes

The anatomy of a Medusa ransomware attack: ThreatDown MDR team investigates

In early April 2024, a prominent service chain in the United States fell victim to a Medusa ransomware attack.

2 minutes

Medusa ransomware: What organizations need to know

Organizations beware: the Medusa ransomware gang is on the rise.

3 minutes

Corporate users targeted via malicious ads and modals

4 minutes

K-12 district hit with $500k Medusa ransomware attack

The Medusa ransomware gang claims it has stolen 1.2 TB of data from a large K-12 district.

1 minute

FakeBat campaign continues, now also targeting VMware users

4 minutes

Ransomware review: April 2024

In March, we recorded a total of 389 ransomware victims—the most so far all year.

4 minutes

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

2 minutes

60% of small businesses are concerned about cybersecurity threats

1 minute

Bing ad for NordVPN leads to SecTopRAT

2 minutes

2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed

Threat Intelligence Team

1 minute

Products

Services

Platforms

Why ThreatDown

Ransomware review: July 2024

WorkersDevBackdoor and MadMxShell converge in malvertising campaigns

How the world’s worst ransomware gang avoids detection

From weeks to hours: Why ransomware attacks are getting quicker

Ransomware review: June 2024, a year-high 470 attacks recorded

Why complexity has become a security issue

Threat actors ride the hype for newly released Arc browser

A peek inside a malvertising campaign

Ransomware review: May 2024

Remote Monitoring and Management software used in phishing attacks

The anatomy of a Medusa ransomware attack: ThreatDown MDR team investigates

Medusa ransomware: What organizations need to know

Corporate users targeted via malicious ads and modals

K-12 district hit with $500k Medusa ransomware attack

FakeBat campaign continues, now also targeting VMware users

Ransomware review: April 2024

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

60% of small businesses are concerned about cybersecurity threats

Bing ad for NordVPN leads to SecTopRAT

2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed

Products & Services

Partners

Resources

Managed Services Terms & Conditions

Support

Get in Touch

Products

Services

Platforms

Why ThreatDown

Threat Intelligence

Categories