How the Black Basta ransomware gang hides Cobalt Strike beacons with PowerShell
Ransomware gangs love PowerShell.
4 minutes
Threat Intelligence
A visit to a print shop put a password stealer on a co-worker’s laptop
Old-school malware distribution methods have a habit of hanging around long after people stop talking about them.
2 minutes
Watch out! Mobidash Android adware spread through phishing and online links
ThreatDown has uncovered a new campaign spreading the MobiDash adware for Android.
1 minute
Ransomware review: September 2024
In August, we recorded a total of 442 ransomware victims, the second-most all year.
2 minutes
New RansomHub attack uses TDSSKiller and LaZagne, disables EDR
The attack signals a new shift in RansomHub's arsenal of tools.
3 minutes
Lowe’s employees targeted in new malvertising campaign
In August, Lowe's employees were the subject of a targeted campaign using fake ads and websites.
1 minute
Rise of Atomic Stealer signals a sea change in macOS malware
Atomic Stealer is the most popular malware-as-a-service on macOS because of highly active affiliate-driven distribution campaigns and constant feature upgrades.
4 minutes
New phishing campaign uses Discord for payload delivery
A new phishing campaign uses two Discord CDN's to host malicious executables.
3 minutes
Ransomware review: July 2024
In June, LockBit said it breached the Federal Reserve and Black Basta was seen exploiting a Windows zero-day.
3 minutes
