Cactus: Defending against a ransomware newcomer
Cactus emerged in March this year and has since built an extensive portfolio of high-profile victims.
Logpoint has analyzed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) to establish defenses.
COPENHAGEN, Denmark, November 27, 2023 – Cactus has emerged as a sophisticated ransomware group with a severe impact on its victims. The newcomer first appeared in March
Cozy Bear: Unmasking the decades-long espionage arsenal
The infamous state-sponsored Advanced Persistent Threat (APT) linked to Russia remains active, posing a severe threat to organizations. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs), helping organizations detect the threat actor.
Akira: A new ransomware gang wreaks havoc
Emerging in March this year, Akira quickly joined the most active ransomware groups as number four. Logpoint has analyzed the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs), enabling protection.
Logpoint releases enhanced automation, investigation, and incident response capabilities
Logpoint releases various updates to its Converged SIEM platform to help SOC teams operate with practical SOC-centered functions and improved end-to-end functionality. The new release enables organizations to increase automation, investigation, and the ability to react to security events.
8base ransomware group significantly boosts activity level
8base is among the top 5 ransomware groups this summer, and Logpoint has uncovered the Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs) to look out for.
Warning about Russian threat actor Gamaredon: How to stay protected ahead of invasion anniversary cyber threat
Logpoint has conducted research into the hacktivist group Gamaredon, which, according to Ukrainian CERT, is actively renewing attack efforts, shifting focus from destruction to espionage and information stealing.
Royal ransomware investigation: How to brace for the sharp increase
Logpoint research reveals what organizations should monitor to safeguard against the rapid increase in Royal ransomware attacks. The Royal ransomware group has leaked data of more than 60 victims since November 2022.
The resurgence of a crippling malware: How to threat hunt Emotet
Logpoint research reveals that Emotet has developed into a Loader-as-a-Service - a dropper of other malware. Logpoint recommends looking out for its common TTPs, IoCs, and malicious macros to detect Emotet.
Hunting BlackCat: A ransomware family on the rise
Logpoint research reveals that BlackCat has the fourth-highest number of victims in the last six months. BlackCat uses its public leak site to intimidate victims, where anyone can easily search and access the leaked victim information.
Cyber attackers hiding behind legal threats: A deep-dive into the IcedID gateway to sophisticated cyberattacks
Logpoint Global Services has researched the banking trojan IcedID, which has developed into a gateway for more sophisticated attacks. IcedID leverages legitimate infrastructure like contact forms and email to deliver fake legal threats or spoofed invoices.
LockBit: A deep-dive into the rapidly evolving RaaS gang and its unique business model
New Logpoint study unfolds the ransomware threat landscape in the wake of the LockBit 3.0 launch in June 2022. LockBit 3.0 introduces new unique services such as automatic data exfiltration and the world’s first ransomware bug-bounty program.
QakBOT: An old acquaintance resurfaces with new capabilities
A new Logpoint study reveals that the latest QakBot malware version is heavily used in malspam campaigns by notorious ransomware gangs. The new QakBot emergence uses multiple, simple yet effective defense evasion techniques against static detection methods.