Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their post-compromise strategy.
"RansomHub has targeted over 600 organizations globally, spanning sectors
February 14th, 2025 (2 months ago)
|
|
|
Description: Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network.
According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded named
January 16th, 2025 (3 months ago)
|
|
|
Description: Community Health Northwest Florida Has Been Claimed a Victim to RansomHub Ransomware
January 13th, 2025 (3 months ago)
|
|
|
Description: MetLife Has Been Claimed a Victim to RansomHub Ransomware
December 31st, 2024 (4 months ago)
|
|
|
Description: McCoy Global Inc. Has Been Claimed a Victim to RansomHub Ransomware
December 23rd, 2024 (4 months ago)
|
|
|
Description: Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. [...]
November 29th, 2024 (5 months ago)
|