Privilege Escalation via Mouse installation
Local privilege escalation primitive abusing Windows mouse-driver installation flow: exploitation pre-conditions and mitigation considerations.
Category
Emerging Threats
Read the analysis
Marketo and Virginia Defense Force: classified data published
Marketo extortion site publishes data attributed to the Virginia Defense Force: data scope, attribution claims and downstream risk for affected entities.
Advanced Persistent Adware: IsErik
IsErik adware family with APT-style persistence: registry tampering, browser hijack persistence, removal complexity and detection considerations.
New attack against Microsoft Exchange servers
Fresh wave of attacks against Microsoft Exchange Server: new exploitation patterns, web shell families observed and mitigation guidance for exposed environments.
Inside a Ransomware Gang
Operational anatomy of a ransomware gang: roles, affiliate program structure, financial distribution and OPSEC practices observed inside leaked communications.
Black Markets: how they are organised and what data they hold
Underground marketplaces structure: vendor reputation, escrow models, product taxonomy (credentials, accesses, malware kits, leaked data) and policing dynamics.
Ursnif — 2 August 2021 campaign
Ursnif campaign of 2 August 2021: Italian-language phishing waves, payload delivery patterns and host indicators across the latest infection set.
Ransomware Evolution and Group Reorganization
Over the past year, ransomware and cyberattacks have experienced exponential growth. In 2020, the FBI reported a 400% increase in cyberattacks—incidents that have not only become more frequent but also more precise, accurate, and methodical. Below is an examination of the reorganization of several prominent criminal groups. BlackMatter A new ransomware gang named BlackMatter is … Read more
MedusaLocker ransomware
MedusaLocker ransomware family: encryption logic, file extension behaviour, network spread mechanics and operator profile inside the affiliate ecosystem.
