Secplicity Blog
Cybersecurity Headlines & Trends Explained
Ransomware Tracker (Entry #210): CyberVolk
Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/cybervolk CyberVolk is a self-proclaimed hacktivist group with various allegiances to other hacktivist groups throughout the globe, including Anonymous (their subsidiaries), White_Hunters, Cyber Hunters, and others. They even…
Dr Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan
Publication: Dr. Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan If you work in information security or the computer science field, there's a good chance you've heard of the first-ever ransomware – the AIDS Trojan. There's also a chance you know the basics of that story. An…
Yet Another TA558 Campaign Targets South America’s Hospitality Industry With AsyncRAT
Introduction This research began with finding a simple malware sample to extract strings for an unrelated topic. In my day-to-day malware analysis workflow, I stumbled upon a JavaScript (JS) file with what I would call trivial obfuscation. I knew it was malware but wanted to understand the infection…
Operation Cronos: A Breakdown of the LockBit Disruption

Check out LockBit 3.0 on our new Ransomware Tracker Beta! Hear more about Operation Cronos on The 443 Podcast. If you've followed the ransomware space for the past few years, it's very likely you've heard of LockBit. If you don't follow the cybersecurity landscape, there's still a good chance you…
AnyDesk Remote Access Vendor Compromise

On February 2nd, remote access software vendor AnyDesk disclosed they had been the victim of a cyberattack where an unknown threat actor obtained access to production systems. AnyDesk appears to have contained the incident before the adversaries were able to leverage their access into a supply chain…
Scratching the Surface of Rhysida Ransomware

A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the…