Threat Hunter Team, Symantec | Posted: 24 Jan, 2024 | 4 Min Read | Threat Intelligence
The 2024 Ransomware Threat Landscape
Understanding attackers' TTPs is key to stopping attacks before ransomware is deployed.

Threat Hunter Team, Symantec | Posted: 20 Jun, 2024 | 5 Min Read
Sustained Campaign Using Chinese Espionage Tools Targets Telcos
Attackers were heavily focused on telecoms operators in a single Asian country.

Threat Hunter Team, Symantec | Posted: 12 Jun, 2024 | 3 Min Read
Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day
Some evidence to suggest that attackers linked to Black Basta compiled CVE-2024-26169 exploit prior to patching.

Threat Hunter Team, Symantec | Posted: 5 Jun, 2024 | 3 Min Read
RansomHub: New Ransomware has Origins in Older Knight
Emergent operation has grown quickly to become one of the most prolific ransomware threats.

Threat Hunter Team, Symantec | Posted: 16 May, 2024 | 8 Min Read
Springtail: New Linux Backdoor Added to Toolkit
More than one legitimate software package was modified to deliver malware in North Korean group’s recent campaign against South Korean organizations.

Threat Hunter Team, Symantec | Posted: 2 May, 2024 | 5 Min Read
Graph: Growing number of threats leveraging Microsoft API
Graph API is often used for inconspicuous communications to cloud-based command-and-control servers.