A task force of European and U.S. agencies arrested 12 suspects in Switzerland and Ukraine as part of an action against a ransomware operation.
Didier Stevens has discovered several shared keypairs used by rogue Cobalt Strike implementations used by malicious actors.
A new email hijacking campaign by the TA551 attack group is installing the legitimate Sliver red-team tool as a payload, possibly for use in future ransomware operations.
Mandiant threat intelligence researchers give Decipher editor Lindsey O'Donnell-Welch a behind-the-scenes look at how they began tracking recently discovered ransomware group FIN12 - and what's next for the group.
The BlackMatter ransomware operators are targeting critical infrastructure operators in the U.S., including food suppliers.