Skip to content
  • Analysts
  • Contact Us
  • Services
  • Subscribe

The DFIR Report

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

  • Analysts
  • Contact Us
  • Services
  • Subscribe
Wednesday, February 08, 2023

Tag: ransomware

PYSA/Mespinoza Ransomware
empire koadic mespinoza psexec ransomware rdp

PYSA/Mespinoza Ransomware

November 23, 2020

Intro Over the course of 8 hours the PYSA/Mespinoza threat actors used Empire and Koadic as well as RDP to move laterally throughout the environment, grabbing credentials from as many … Read More

empirekoadicmespinozaransomwarerdp
Ryuk Speed Run, 2 Hours to Ransom
adfind bazar cobaltstrike ransomware ryuk

Ryuk Speed Run, 2 Hours to Ransom

November 5, 2020

Intro Since the end of September Ryuk has been screaming back into the news. We’ve already covered 2 cases in that timeframe. We’ve seen major healthcare providers, managed service providers, … Read More

bazarcobalt strikekegtapransomwareryuk
Tweets by TheDFIRReport

Copyright 2023 | The DFIR Report | All Rights Reserved