Threat Actors

Sodinokibi/REvil Ransomware: The Evasive Threat

May 5, 2025

Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April

Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation

April 23, 2025

Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics,

Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos

April 22, 2025

Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance,

Everest Ransomware: Data Extortionist Turned Initial Access Broker

April 9, 2025

Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB),

Vice Society Ransomware: The Anti K-12 RaaS Syndicate

April 8, 2025

Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks

KillSec: Hacktivists Turned RaaS Syndicate

April 4, 2025

KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian

Qilin/Agenda Ransomware: The Credential Stealers

March 20, 2025

Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July

BianLian Ransomware: Shadow Data Extortion Group

March 5, 2025

The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have

Trinity Ransomware: The Enigma of the .trinitylock

March 4, 2025

Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or

Akira Ransomware: The Extortion Ghost in a Shell

March 2, 2025

Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various

Sodinokibi/REvil Ransomware: The Evasive Threat

Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation

Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos

Everest Ransomware: Data Extortionist Turned Initial Access Broker

Vice Society Ransomware: The Anti K-12 RaaS Syndicate

KillSec: Hacktivists Turned RaaS Syndicate

Qilin/Agenda Ransomware: The Credential Stealers

BianLian Ransomware: Shadow Data Extortion Group

Trinity Ransomware: The Enigma of the .trinitylock

Akira Ransomware: The Extortion Ghost in a Shell

Sodinokibi/REvil Ransomware: The Evasive Threat

Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation

Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos

Everest Ransomware: Data Extortionist Turned Initial Access Broker

Vice Society Ransomware: The Anti K-12 RaaS Syndicate

KillSec: Hacktivists Turned RaaS Syndicate

Qilin/Agenda Ransomware: The Credential Stealers

BianLian Ransomware: Shadow Data Extortion Group

Trinity Ransomware: The Enigma of the .trinitylock

Akira Ransomware: The Extortion Ghost in a Shell

What is a Whaling Phishing Attack?

Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat

Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data

How AI is Revolutionizing Phishing Attacks

How to Identify Fake Emails: A Guide to Email Threat Detection

10 Ways to Protect Your Enterprise from Phishing Attacks

Social Media Scams: How Cybercriminals Steal Personal Information

Patients Data Exposed in Phishing Attack Targeting LA County Health Services

FIN7 Attempts Phishing at American Automaker’s IT Staff

Hackers Leverage Okta Phishing Attacks to Target FCC and Popular Crypto Firms

Daily Briefing Newsletter