Ransomware Tool Matrix Update: Community Reports 作者创建了一个社区报告模板，允许网络安全从业者匿名分享勒索软件团伙使用的工具信息，并通过GitHub提交报告。这一举措解决了缺乏公开引用来源的问题，使更多人能够为Ransomware Tool Matrix贡献力量。... 2025-9-13 20:46:28 | 阅读: 22 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomware github security

Ransomware Tool Matrix Project Updates: May 2025 这篇文章总结了近期 ransomware tool matrix (RTM) 和 ransomware vulnerability matrix (RVM) 的更新内容，分析了当前勒索软件生态系统的不稳定性及多个活跃勒索团伙的工具使用情况，并列出了相关威胁情报来源及新增工具和漏洞利用信息。... 2025-5-5 22:2:2 | 阅读: 20 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomware medusa ransomhub bianlian hunters

Tracking Adversaries: EvilCorp, the RansomHub affiliate 文章描述了网络犯罪组织EvilCorp与RansomHub之间的关联。EvilCorp是受制裁的俄罗斯网络犯罪集团，以开发多种勒索软件闻名；而RansomHub是由说俄语的网络罪犯运营的勒索软件即服务（RaaS）平台。两者通过共享恶意软件工具和战术合作，在网络攻击中相互配合。这种合作使RansomHub成为最活跃的勒索软件团伙之一，并可能面临类似EvilCorp的制裁风险。... 2025-4-2 16:1:21 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomhub evilcorp ransomware socgholish lockbit

BlackBasta Leaks: Lessons from the Ascension Health attack BlackBasta团伙的聊天记录揭示了其内部运作和对医疗行业的攻击。他们于2024年5月攻击了Ascension Health，导致560万患者数据泄露。在谈判中，尽管最初要求高额赎金，但最终提供了免费解密器并删除数据。... 2025-2-27 22:46:20 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ascension blackbasta ransomware gg tinker

Investigating Anonymous VPS services used by Ransomware Gangs 文章探讨了小型英国主机提供商BitLaunch如何被网络犯罪分子滥用。该提供商通过匿名VPS服务和加密货币支付为恶意活动提供便利。研究人员指出其对网络安全构成威胁，并建议加强监管和技术手段以应对这一问题。... 2025-2-14 19:32:14 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net bitlaunch ransomware c2 hosters

Tracking Adversaries: Ghostwriter APT Infrastructure Introduction to Infrastructure PivotingPivoting on infrastructure is a handy skill for cyber th... 2025-1-19 20:16:22 | 阅读: 15 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net shop ghostwriter analysis cyble

Analysis of Counter-Ransomware Activities in 2024 The scourge of ransomware continues primarily because ofthree main reasons: Ransomware-as-a-Servic... 2025-1-12 13:2:17 | 阅读: 28 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomware lockbit arrested russia cryptex

Top 10 Cyber Threats of 2024 IntroductionThe aim of this blog is to highlight the 2024 global cybersecuritytrends that defend... 2024-12-9 08:31:22 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomware north reportedly software iranian

Cyber Threat Intelligence for Autodidacts IntroductionCyber Threat Intelligence (CTI) analysts come from diversebackgrounds, and their rol... 2024-10-31 06:16:27 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net cti security github analysis

The Russian APT Tool Matrix IntroductionBased on feedback I have received from fellow CTIresearchers, incident responders, a... 2024-9-23 04:46:57 | 阅读: 36 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net bear cozy ransomware ember fancy

Examining Mobile Threats from Russia IntroductionRussian state-sponsored threat groups, such as Fancy Bear (APT28),Cozy Bear (APT29),... 2024-9-22 18:32:0 | 阅读: 56 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ukraine bear sandworm ukrainian russia

The Ransomware Tool Matrix IntroductionRansomware attacks are becoming increasingly damaging, but one thing remains consistent... 2024-8-16 08:31:51 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net ransomware defenders gangs repository identify

Tracking Adversaries: The Qilin RaaS This blog is part of my Tracking Adversaries blog series,whereby I perform a summary analysis of a... 2024-6-13 06:1:55 | 阅读: 64 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net qilin ransomware affiliates victim alphv

Strengthening Threat Hunting Programs - Part 2: Risk Hunting This is the second part of my threat hunting blog series. Pleaseclick here for the first part.Intr... 2024-6-12 01:31:54 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net security cti reportedly risky

Strengthening Threat Hunting Programs - Part 1: Requests for Threat Hunts This is the first part of a threat hunting blog series I want to start. I plan to share some insigh... 2024-6-12 01:31:53 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net hunt cti security signs

The CTI Analyst Challenge The CTI Analyst ChallengeWelcome to the Cyber Threat Intelligence (CTI) Analyst Challenge!... 2024-6-9 05:46:52 | 阅读: 34 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net raspberry cti robin scattered mps

Strengthening Proactive CTI Through Collaboration Those who have worked in our industry for a certain amount of time will be acutely aware that execu... 2024-4-4 07:46:52 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net cti executives security inquiries proactive

Tracking Adversaries: UAC-0050, Cracking The DaVinci Code In this blog, we shall investigate a Russia-based mercenary group that has appeared in multiple CER... 2024-3-7 08:31:51 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net davinci rubles rub 0050 000p

Lessons from the iSOON Leaks IntroductionA Chinese Ministry of Public Security (MPS) contractor called iSOON (also known as Anx... 2024-2-23 07:31:51 | 阅读: 53 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net isoon mps security hypothesis analysis

Top 10 Cyber Threats of 2023 Introduction2023 was packed with amultitude of significant events that caused many to rethink th... 2023-12-12 20:1:51 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - blog.bushidotoken.net okta software ransomware israel security