A task force of European and U.S. agencies arrested 12 suspects in Switzerland and Ukraine as part of an action against a ransomware operation.
Didier Stevens has discovered several shared keypairs used by rogue Cobalt Strike implementations used by malicious actors.
A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.
The BlackMatter ransomware operators are targeting critical infrastructure operators in the U.S., including food suppliers.
Mandiant threat intelligence researchers give Decipher editor Lindsey O'Donnell-Welch a behind-the-scenes look at how they began tracking recently discovered ransomware group FIN12 - and what's next for the group.