Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Ransomware

20 articles

SC Media Ransomware Microsoft Jun 17

Attackers drop DragonForce ransomware leveraging MS Teams relay systems

DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.

SC Media →

Security Affairs Ransomware Microsoft Broadcom Jun 17

DragonForce Hid Inside Microsoft Teams and Nobody Noticed for Two Months

DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ...

Security Affairs →

SecurityWeek Ransomware Microsoft Jun 17

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in Dr...

SecurityWeek →

GBHackers Ransomware Oracle Jun 17

CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups

The U.S.

1 IOC

GBHackers →

SC Media Ransomware Microsoft Jun 16

DragonForce ransomware uses Microsoft Teams for covert command and control

The DragonForce ransomware operation, active since 2023 and linked to the Scattered Spider threat group, has employed custom Go-based malware dubbed "Backdoo...

T1071

SC Media →

Help Net Security Ransomware Microsoft Broadcom Jun 16

Cybercriminals mask malicious communications through Microsoft Teams relays

The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure d...

T1588

Help Net Security →

GBHackers Ransomware Microsoft Jun 16

Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic

Microsoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware camp...

GBHackers →

Infosecurity Magazine Ransomware Microsoft Jun 16

DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company

Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders

T1071

Infosecurity Magazine →

BleepingComputer Ransomware Microsoft Jun 16

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure.

BleepingComputer →

GBHackers Ransomware IBM Jun 16

Rhysida and Interlock Ransomware Groups Linked to Initial Access Brokers and Crypter Ecosystem

Rhysida and Interlock sit inside the same ransomware supply chain, but their latest observed behavior shows a more nuanced relationship than simple code reus...

GBHackers →

GBHackers Ransomware Jun 16

The Gentlemen RaaS Scales to 166 Victims as Ransomware Groups Compete for Affiliates

Two new Ransomware-as-a-Service (RaaS) entrants publicly recruited affiliates, underscoring a rapid reconsolidation of the ransomware market and a sharpening...

T1588 T1592

GBHackers →

SecurityWeek Ransomware Jun 15

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen. The post Ransomware Attack Shuts Down Mills of Australia’s S...

SecurityWeek →

Help Net Security Ransomware Jun 15

Ukrainian national pleads guilty in connection with Conti ransomware

A Ukrainian national pleaded guilty to conspiracy to commit wire fraud in connection with the deployment of Conti ransomware, which targeted more than 1,000 ...

T1041

Help Net Security →

SecurityWeek Ransomware Jun 15

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges

Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ra...

SecurityWeek →

Security Affairs Ransomware Jun 15

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surface...

Security Affairs →

Security Affairs Ransomware Jun 14

Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme

Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S.

Security Affairs →

HackRead Ransomware Jun 13

Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks

Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and...

HackRead →

BleepingComputer Ransomware Jun 12

Ukrainian national pleads guilty to role in Conti ransomware operation

A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. [.

BleepingComputer →

Cyberscoop Ransomware Jun 12

Conti ransomware group member pleads guilty, faces up to 20 years in prison

Oleksii Lytvynenko, a 44-year-old Ukrainian national, admitted to joining the prolific cybercrime group in 2021. Officials said he engaged in cybercrime up u...

Cyberscoop →

Infosecurity Magazine Ransomware Jun 12

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others

Infosecurity Magazine →

«Previous page 1 ... 5 6 7 8 9 ... 15 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA