UC2

Back to Analysts

ransomhub ransomware rdp

Hide Your RDP: Password Spray Leads to RansomHub Deployment

June 30, 2025

alphv cobaltstrike icedid

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment

June 10, 2024

Hive cobaltstrike ransomware

From ScreenConnect to Hive Ransomware in 61 hours

September 25, 2023

Access DFIR Labs Book a Demo

The DFIR Report provides in-depth, real-world intelligence based on observed intrusions, enabling security analysts and teams  to strengthen defenses, enhance detection,  and accelerate response.

UC2

Reports by UC2

Hide Your RDP: Password Spray Leads to RansomHub Deployment

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment

From ScreenConnect to Hive Ransomware in 61 hours