by Fortify Security Team | Sep 28, 2024 | Cyberthreat Research
While Conti is considered a ransomware-as-a-service (RaaS) model ransomware variant, there is variation in its structure that differentiates it from a typical affiliate model. It is likely that Conti developers pay the deployer’s of the ransomware a wage rather...
by Fortify Security Team | Sep 28, 2024 | Cyberthreat Research
This advisory provides information on cyber actor tactics, techniques, and procedures (TTPs) obtained from a sample of BlackMatter ransomware analyzed in a sandbox environment as well from trusted third-party reporting. Using embedded, previously compromised...
by Fortify Security Team | Sep 28, 2024 | Cyberthreat Research
FBI reporting has indicated a recent increase in IcedID malware acting as a “dropper,” infecting victims with additional malware. Examples of ransomware variants dropped by IcedID include Defray777, GlobeImposter, Cuba, Conti, and REvil (aka Sodinokibi). First...
by Fortify Security Team | Sep 28, 2024 | Cyberthreat Research
FBI reporting has indicated a recent increase in PYSA ransomware targeting education institutions in 12 US states and the United Kingdom. PYSA, also known as Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on...
by Fortify Security Team | Sep 28, 2024 | Cyberthreat Research
Microsoft has released the EOMT.ps1 tool that can automate portions of both the detection and patching process and help your organization check for indicators of compromise (IOCs) by running the Microsoft IOC Detection Tool for Exchange Server Vulnerabilities. In...
