BRICKSTORM is a custom-made malware family recently being used by suspected state-aligned threat actors out of China. Some of the binary files associated with BRICKSTORM appear to have been made specifically to target vCenter servers and VMware virtualized...
Aliases DragonForce Malaysia (early hacktivist identity) DragonForce Ransomware Gang DragonLeaks (leak site) DFRansom Get Threat Intel and Security Updates Delivered to Your Inbox. Profiling Threat Actor Type: Initially a hacktivist collective (2021–2022),...
CISOs have spent the last decade hardening endpoints, identities, and cloud workloads. Yet for many organizations, the hypervisor remains dangerously exposed. Over the past four years, hypervisor-specific ransomware has driven an estimated $1 billion in damage, with...
Aliases ShinyCorp UNC6240 Sometimes referenced as “Scattered Lapsus$ Hunters” in recent collaborations. Get Threat Intel and Security Updates Delivered to Your Inbox. Profiling Threat Actor Type: Financially motivated data-theft and extortion collective (not...
Aliases ABCD ransomware LockBit 2.0 LockBit Black (3.0) LockBit Green LockBit 5.0 Get Threat Intel and Security Updates Delivered to Your Inbox. Profiling Threat Actor Type: Ransomware-as-a-Service (RaaS) with global affiliate network. ...
Hypervisor attacks are accelerating, and the cost is catastrophic. Recent ESXi ransomware attacks have cost organizations hundreds of millions in recovery. In some cases, a single ESXi breach has led to costs exceeding $400 million. Ransomware targeting virtualized...
