Threat and Vulnerability Intelligence Database

Example Searches:

	'Mora_001' ransomware gang exploiting Fortinet bug spotlighted by CISA in January Description: Two vulnerabilities impacting Fortinet products are being exploited by a new ransomware operation with ties to the LockBit ransomware group. Source: The Record March 17th, 2025 (about 1 month ago)
	Ransomware Developer Extradited, Admits Working for LockBit Description: Law enforcement discovered admin credentials on the suspect's computer for an online repository hosted on the Dark Web that stored source code for multiple versions of the LockBit builder. Source: Dark Reading March 14th, 2025 (about 1 month ago)
	Threat Actor Tied to LockBit Ransomware Targets Fortinet Users Description: The Mora_001 group uses similar post-exploitation patterns and ransomware customization originated by LockBit. Source: Dark Reading March 14th, 2025 (about 1 month ago)
	Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court Description: Rostislav Panev, who was arrested in Israel in August 2024 on U.S. charges related to dozens of LockBit ransomware attacks, has been extradited and appeared in a New Jersey federal court, authorities said. Source: The Record March 14th, 2025 (about 1 month ago)
	Suspected LockBit ransomware dev extradited to United States Description: A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. [...] Source: BleepingComputer March 14th, 2025 (about 1 month ago)
	New kids on the ransomware block channel Lockbit to raid Fortinet firewalls Source: TheRegister March 14th, 2025 (about 1 month ago)
	The New Ransomware Groups Shaking Up 2025 Description: In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year's total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%, from 68 in 2023 to 95 Source: TheHackerNews March 3rd, 2025 (about 2 months ago)
	Feds Sanction Russian Hosting Provider for Supporting LockBit Attacks Description: US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang. Source: Dark Reading February 12th, 2025 (2 months ago)
	AUKUS blasts holes in LockBit's bulletproof hosting provider Source: TheRegister February 11th, 2025 (2 months ago)
	Zservers Hosting Sanctioned for Aiding LockBit Attacks Description: The United States, United Kingdom, and Australia have jointly imposed sanctions on Zservers, a Russia-based bulletproof hosting (BPH) provider, for supporting LockBit ransomware operations. The action, announced by the U.S. Treasury's Office of Foreign Assets Control (OFAC), targets the company's role in facilitating cyberattacks against critical infrastructure worldwide. Additionally, two Russian nationals linked to Zservers … The post Zservers Hosting Sanctioned for Aiding LockBit Attacks appeared first on CyberInsider. Source: CyberInsider February 11th, 2025 (2 months ago)