Threat Actor

Fog Ransomware: Data in the Mist
Resources
Fog Ransomware: Data in the Mist
Fog ransomware, a prolific and secretive threat actor, targets organizations globally, deploying sophisticated multi-stage attacks resulting in data encryption and exfiltration. Victims span various sectors. ...
Termite Ransomware: The Silent Invader
Resources
Termite Ransomware: The Silent Invader
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
INC Ransomware: TTPs, Impact and Mitigation
Blog
INC Ransomware: TTPs, Impact and Mitigation
INC Ransomware is a sophisticated threat actor employing advanced techniques for devastating double extortion attacks. This in-depth analysis reveals their methods, targets, and the critical ...
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
Resources
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
BlackSuit, formerly Royal, is a sophisticated ransomware group using multi-vector attacks, partial encryption, and double extortion to target global organizations, including critical infrastructure. Their operations ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
Sodinokibi/REvil Ransomware: The Evasive Threat
Threat Actor
Sodinokibi/REvil Ransomware: The Evasive Threat
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April ...
Qilin Ransomware Tactics, Techniques, Procedures and Mitigation
Blog
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics, techniques, and procedures (TTPs), providing ...
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Resources
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
Resources
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks unless ransoms are paid. Their ...
KillSec: Hacktivists Turned RaaS Syndicate
Resources
KillSec: Hacktivists Turned RaaS Syndicate
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian victims over Western ones.