ransomware Archives - Page 2 of 2

Ransomware continues unabated in the year of continually mounting pressure. But for every big game actor out there compromising Fortune listed companies there are the little guys that maybe just … Read More

ransomware rdp yara

Lockbit Ransomware, Why You No Spread?

June 10, 2020

RDP brute forcing continues to be a favorite entry point for ransomware actors. In this past month we saw activity from the Lockbit ransomware family. Initial Access: RDP login from … Read More

ransomware rdp

Dharma Ransomware

April 14, 2020

An attacker logged into the honeypot via RDP from 178.239.173[.]172. Within 10 minutes the attacker went from local admin, to domain admin to installing ransomware on multiple machines. The attacker … Read More

ransomware rdp

GoGoogle Ransomware

April 4, 2020

An attacker logged into the honeypot from 93.174.95[.]73, disabled security tools, dropped their toolkit and started recon. Recon was quickly followed by an onslaught of password dumping tools such as … Read More

Category: ransomware

The Little Ransomware That Couldn’t (Dharma)

Lockbit Ransomware, Why You No Spread?

Dharma Ransomware

GoGoogle Ransomware