A 33-year-old dual Russian and Canadian national was arrested this week for allegedly participating in LockBit ransomware attacks.
Researchers at SentinelLabs have identified several links between the Black Basta ransomware actors and the FIN7 cybercrime group.
The Daixin group has been targeting healthcare organizations with double extortion ransomware attacks, U.S. government agencies warned.
Threat actors are using customized exfiltration tools in hopes of increasing the speed for their ransomware attacks.
Researchers said the attack kill chain is the first time they observed Brute Ratel being used as a second-stage payload via a Qakbot infection.