Skip to content
  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Digital Forensics Challenge
      • Leaderboard
      • Digital Forensics Challenge Winners
      • Testimonials
    • Case Artifacts
    • Mentoring & Coaching Program
      • Book A Session
      • Meet The Team
  • Access DFIR Labs
  • Subscribe
  • Contact Us
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Digital Forensics Challenge
    • Leaderboard
    • Digital Forensics Challenge Winners
    • Testimonials
  • Mentoring & Coaching Program
    • Book A Session
    • Meet The Team
  • Case Artifacts

The DFIR Report

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Digital Forensics Challenge
      • Leaderboard
      • Digital Forensics Challenge Winners
      • Testimonials
    • Case Artifacts
    • Mentoring & Coaching Program
      • Book A Session
      • Meet The Team
  • Access DFIR Labs
  • Subscribe
  • Contact Us
Friday, September 19, 2025
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Digital Forensics Challenge
    • Leaderboard
    • Digital Forensics Challenge Winners
    • Testimonials
  • Mentoring & Coaching Program
    • Book A Session
    • Meet The Team
  • Case Artifacts

Category: sectoprat

Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs
dragonforce play ransomhub sectoprat

Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs

September 8, 2025

Key Takeaways Private Threat Briefs: 20+ private DFIR reports annually. Contact us today for pricing or a demo! Table of Contents: Case Summary Analysts Initial Access Execution Persistence Privilege Escalation Defense … Read More

Fake Zoom Ends in BlackSuit Ransomware
blacksuit bruteratel cobaltstrike ransomware sectoprat

Fake Zoom Ends in BlackSuit Ransomware

March 31, 2025

Key Takeaways Case Summary This case from May 2024 started with a malicious download from a website mimicking the teleconferencing application Zoom. When visiting the website and downloading a file … Read More

Register For Our Next CTF

Reports

Threat Intelligence

Detection Rules

DFIR Labs

Mentoring and Coaching

Proudly powered by WordPress | Copyright 2023 | The DFIR Report | All Rights Reserved