New phishing campaign uses Discord for payload delivery A new phishing campaign uses two Discord CDN's to host malicious executables. 3 minutes
Rhysida using Oyster Backdoor to deliver ransomware In a recent attack, Rhysida used a new variant of the Oyster backdoor, also known as Broomstick. 3 minutes
CrowdStrike security update leads to widespread outages A CrowdStrike security update has left thousands of organizations unable to boot their Windows computers. 2 minutes
Ransomware review: July 2024 In June, LockBit said it breached the Federal Reserve and Black Basta was seen exploiting a Windows zero-day. 3 minutes
Credential Dumping: How ransomware gangs steal login data and how to detect it Get the ins and outs of Credential Dumping. 5 minutes
How the world’s worst ransomware gang avoids detection Look at a real example of how LockBit used LOTL techniques on a ThreatDown MDR client. 4 minutes
From weeks to hours: Why ransomware attacks are getting quicker Businesses will need to adapt as ransomware gangs take less time to steal and encrypt data than ever before. 4 minutes
US gov bans Kaspersky sales and updates, says “switch to an alternative” immediately A "significant number" of US companies have just three months to find alternative endpoint protection. 1 minute
Anything but science fiction: The anatomy of an Akira ransomware attack An analysis of a real life Akira ransomware attack. 3 minutes
Enhancing ThreatDown Admin App notifications: Multi-method delivery now available The ThreatDown Admin app has a new notification update available. 1 minute