A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.
The BlackMatter ransomware operators are targeting critical infrastructure operators in the U.S., including food suppliers.
Mandiant threat intelligence researchers give Decipher editor Lindsey O'Donnell-Welch a behind-the-scenes look at how they began tracking recently discovered ransomware group FIN12 - and what's next for the group.
A Financial Crimes Enforcement Network (FinCEN) report showed cybercriminals switching up their money laundering efforts, in order to avoid detection by law enforcement.
Ransomware actors hist three wastewater facilities in the U.S. in the last few months, accessing SCADA devices and disrupting operations, CISA said.