Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families…
A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact…
Malicious PowerShell script pushing malware looks AI-written
A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system…
Ransomware as a Service and the Strange Economics of the Dark Web
Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition…
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes…
New Report From Flare Highlights Pervasive Threat of Initial Access Brokers in NATO Countries
PRESS RELEASE Montreal, Quebec, Canada – February 6, 2024 – Flare, the leading Continuous Threat Exposure Management (CTEM)...
Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks
Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into…
Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks
Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with…
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families…
‘Gold Melody’ Access Broker Plays on Unpatched Servers’ Strings
A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact…
Microsoft Teams Hacks Are Back, As Storm-0324 Embraces TeamsPhisher
Collaboration apps are a boost to business productivity, but also a uniquely attractive target for cyberattackers.
Japanese watchmaker Seiko breached by BlackCat ransomware gang
The BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese…