Tag: Cactus Ransomware

ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities
ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities

In recent years, the surge in cyber-attacks has been fueled by the expansion of Initial Access Broker (IABs) that trade access to breached networks. In 2023, security researchers revealed a widespread breach targeting critical infrastructure organizations orchestrated by a highly advanced threat group known as “ToyMaker,” which operated as an IAB. Hackers leverage exposed internet-facing […]

Read More
Cactus Ransomware Detection: Attackers Launch Targeted Attacks to Spread Ransomware Strains
Cactus Ransomware Detection: Attackers Launch Targeted Attacks to Spread Ransomware Strains

Heads up! Recent Cactus ransomware attacks are getting into the spotlight. Hackers exploit critical Qlik Sense vulnerabilities to further deliver Cactus ransomware. In other ransomware campaigns, they leverage malvertising lures to spread DanaBot malware for initial access to compromised systems.  Detecting Cactus Ransomware Infections Ransomware operators are constantly seeking new ways to proceed with payload […]

Read More