Introduction SparkRAT is an open source, cross platform remote access
tool (RAT) written in Golang[1]. SparkRAT has been employed by various
threat actor groups including Winnti[2] and DragonSpark[3]. Most
recently, SparkRAT was identified as a core ...
Introduction In October 2023, the source code for a ransomware family
dubbed ‘HelloKitty’ was leaked on the XSS forum[1]. This variant is
suspected to be a later iteration of the FiveHands ransomware[2] based
on shared infrastructure and code similar...
Description The FortiGuard Incident Response team is ready to assist
with the discovery, containment, and remediation of intrusions within
victim environments. The FortiGuard Incident Response team is available
24/7 to support organizations throughou...
Introduction Black Basta is a ransomware operator group who operate
their own ransomware as a service (RaaS) offering with the same name.
Black Basta began operations in April 2022 and continue to execute
targeted attacks against high profile organiz...
Introduction Earlier this month CISA, FBI, NCSC (National Cyber Security
Centre) and ASD (Australian Signals Directorate) released a joint
advisory[1] outlining ‘Snake’ a backdoor malware family that has been
effectively employed by the FSB over the <!-- --><!-- --><!-- --><!-- -->...