Who is DarkSide Ransomware Group?
The FBI has attributed the attack on the Colonial Pipeline to DarkSide ransomware, a new ransomware family that emerged on the crimeware market at the beginning of November 2020. DarkSide is a Ransomware-as-a-Service with the stated goal of targeting "large corporations." They are primarily focused on recruiting […]
REvil Ransomware Malware Analysis
REvil (also known as Sodinokibi) is a Ransomware-as-a-Service (RaaS). The first REvil attack, in the middle of April 2019, drew huge attention from the cyber security world because it shared many similarities with GandCrab ransomware and because of the distribution techniques used, such as exploit kits, scan […]
PetitPotam (MS-EFSRPC) Exploit – CVE-2021-36942
The PetitPotam exploit relies on Active Directory Certificate Services, specifically the default settings of the Web Enrollment service, which is what makes this vulnerability exploitable. Adversaries can achieve full Domain Admin (DC) takeover of a target Active Directory by using PetitPotam, which has drawn the attention of ransomware gangs, who are able to use this vulnerability […]
FluBot Android Malware Technical Analysis
FluBot is Android malware that targets Android devices and spreads to victims via phishing SMS messages containing a malicious link to download the FluBot app. Victims click on this link and download a file with an .apk extension. Right after the installation completes, the FluBot malware communicates with the […]
The Dark Face of the Web: Dark Web & Deep Web
"Web" is the common name for the "World Wide Web", a subset of the internet that consists of pages that can be accessed via any web browser. Some people think the internet is just search engines, but the internet is a huge world. The internet is divided into three parts. […]
What is BOTNET?
Cyber attackers build a network by infecting computers with malware. This remotely controlled malware is called a "bot". The network of these bots is called a "botnet". The infected computers are also called zombies. Sometimes cyber attackers set up a large botnet so that attacks can be carried out more easily and in a more organized way. […]
LockBit 2.0 Ransomware Analysis
LockBit 2.0 is a Ransomware as a Service (RaaS) with an affiliate program in place. Oftentimes, their binaries are cryptographically signed with valid, stolen certificates. LockBit ransomware has some similarity to Maze ransomware in its UAC bypass techniques, but its encryption routine is what makes LockBit 2.0 so powerful and fast compared to other […]
NOBELIUM APT29 – EnvyScout
The NOBELIUM group is also known as APT29. So far, NOBELIUM has generally targeted government institutions, non-governmental organizations, think tanks, the military, IT service providers, R&D companies working in the healthcare field, and telecommunication providers. It has been observed that the NOBELIUM group has been using spear phishing […]