Who is Trickbot?
Since the start of the Russia-Ukraine conflict, Russian-based cybercrime groups have been placed…

Ransomware Review – November 2021
The Snatch ransomware operators, a group that began operating in 2019 and disappeared in…

Cyjax research sees TeamTNT added to Mitre ATT&CK framework
A wide variety of malware and threat actors target cloud and container technologies, such…

Persistent AgentTesla campaign targeting the UAE
Cyjax analysts have analysed a long-running AgentTesla infostealer campaign targeting Dubai and the United…

Ransomware Review – September 2021
This month saw the return of the REvil ransomware group (also known as Sodinokibi).…

Ransomware Review – July 2021
The most significant ransomware attack in July was the Kaseya attack conducted by the…

REvil-ution – A Persistent Ransomware Operation
REvil (short for Ransomware Evil) is a revolutionary ransomware operation. Its predecessor, GandCrab, which…

Darknet Review – Q1 2021
The first quarter of 2021 saw a number of noteworthy developments in the darknet…

WizardSpider using legitimate services as cloak of invisibility
Ransomware has continued to play a dominant role in the 2021 threat landscape alongside…

SolarWinds Saga – Where Do We Stand?
The investigation into the SolarWinds supply-chain attack continues apace. In this follow-up to our…

Office 365 credential-harvesting campaign leveraging Basecamp
Cyjax analysts recently uncovered an Office 365 credential-harvesting campaign that masquerades as “A Message…