ransomware

blackcat cobaltstrike ransomware
blackcat, cobaltstrike, ransomware, sliver
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
Read more
September 30, 2024
adfind blacksuit cobaltstrike
adfind, blacksuit, cobaltstrike, ransomware
BlackSuit Ransomware
Read more
August 26, 2024
alphv cobaltstrike icedid
alphv, cobaltstrike, icedid, ransomware
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
Read more
June 10, 2024
dagonlocker adfind cobaltstrike
dagonlocker, adfind, cobaltstrike, icedid
From IcedID to Dagon Locker Ransomware in 29 Days
Read more
April 29, 2024
nokoyawa adfind Exfiltrate Data
nokoyawa, adfind, Exfiltrate Data, icedid, ransomware
From OneNote to RansomNote: An Ice Cold Intrusion
Read more
April 1, 2024
Exfiltrate Data ransomware rdp
Exfiltrate Data, ransomware, rdp, trigona
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
Read more
January 29, 2024
bluesky cobaltstrike ransomware
bluesky, cobaltstrike, ransomware
SQL Brute Force Leads to BlueSky Ransomware
Read more
December 4, 2023
Hive cobaltstrike ransomware
Hive, cobaltstrike, ransomware, wmiexec
From ScreenConnect to Hive Ransomware in 61 hours
Read more
September 25, 2023
nokoyawa adfind Attribution
nokoyawa, adfind, Attribution, icedid, ransomware
HTML Smuggling Leads to Domain Wide Ransomware
Read more
August 28, 2023
nokoyawa adfind cobaltstrike
nokoyawa, adfind, cobaltstrike, icedid, macro, ransomware, xls
IcedID Macro Ends in Nokoyawa Ransomware
Read more
May 22, 2023

The DFIR Report provides in-depth, real-world intelligence based on observed intrusions, enabling security analysts and teams 
to strengthen defenses, enhance detection, 
and accelerate response.

© 2025 The DFIR Report. All Rights Reserved. | Privacy Policy