Introduction RansomHub is a cybercriminal ransomware/extortion group
which emerged in February 2024 and was first reported in same month. The
group operate a ransomware as a service (RaaS) business model and offer
use of their self-named ransomware t...
Introduction On 21 February 2024 two critical vulnerabilities in the
ScreenConnect were released on NVD. ScreenConnect is software for remote
desktop and access software from company ConnectWise. The first was
CVE-2024-1708[1] which is path-traversal...
Introduction Faust ransomware is a recent variant of the Phobos
ransomware family. Phobos ransomware group operate through a ransomware
as a service (RaaS) model and started their operations as early as 2018.
The group is known to instigate and sprea...
Introduction Pikabot is an advanced loader malware recently used by
threat actor ‘Water Curupira’[1]. Researchers have identified
similarities between Qakbot and Pikabot[2] with Pikabot appearing to
replace Qakbot. As a result of this changeover ther...
Introduction NineRAT is a relatively recent reported Remote Access
Trojan (RAT). This malware is written in the programming language DLang
and is linked to the North Korean threat actor group tracked as ‘Lazarus
Group[1]. NineRAT malware was first ob...