TTPs stories

GuidePoint says ransomware attacks stayed elevated in Q1 as The Gentlemen surged, construction became a top target and extortion-only tactics spread.

ReliaQuest says suspected former Black Basta operators are bombarding staff with emails and posing as IT support in Microsoft Teams to reach senior executives.

Cybercriminals exploit Keitaro ad tracker to cloak AI trading scams and malware, tying some 15,500 malicious domains into a hidden network.

China-linked Warlock ransomware group exploits SmarterMail flaw for admin takeovers, chaining features to gain full Windows control.

Bitsight launches an AI-driven dark web monitoring tool to give organisations earlier warning of cyber threats targeting key suppliers.

Indian defence faces a decade-long silent siege as APT36 refines cross-platform cyber espionage with stealthy, persistent RAT campaigns.

DivisionHex launches a new framework leveraging Tenable One to help firms prioritise cyber exposure risks and improve security defence strategies.

Black Kite has launched its Adversary Susceptibility Index to help firms spot which suppliers are most exposed to specific cyber threat actors, enhancing risk management.

Silent Push launches upgraded Threat Intelligence Management with Feed Scanner interface to boost enterprises' early cyber threat detection and response.

The IT-ISAC reveals 58 high-risk cyber adversaries targeting the sector, urging companies to adopt a new risk assessment framework to mitigate threats.

A new Gartner report criticising SOAR systems for high costs and unmet promises has stirred controversy, with Acora defending its approach to optimising SOAR technology.

Cybercriminals exploit Cloudflare Tunnels, delivering remote access trojans via TryCloudflare abuse, notes Proofpoint, with evolving attack methods pushing past defences.

Rapid7 Labs' new paper reveals Kimsuky's sophisticated tactics, providing vital insights for security teams to bolster defences against these advanced persistent threats.

The rise of GenAI in business innovation, via tools like Microsoft Copilot, comes with an alarming spike in AI-powered cyberattacks, pushing security to its limits.

In April 2024, ReliaQuest uncovered a cyberattack by the BlackSuit ransomware group, highlighting critical vulnerabilities and the need for improved security measures.

ReliaQuest's annual threat report reveals AI and automation technologies improve organisations' response time to security incidents by up to 99% year on year.

Cybersecurity company Mandiant has identified that actor UNC5325 exploits an Ivanti zero-day vulnerability, utilising evasive techniques and malware to persistently infiltrate devices.

New research highlights APIs are now a leading attack vector, posing new and significant threats to organisations.