Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
By Vitali Kremez & Yelisey Boguslavskiy This redacted report is based on our actual proactive victim breach intelligence and subsequent...
BLOG
AdvIntel's Threat Reporting Blog
Blog offers insight into the botnet & breaches & its unique workings. Our investigators and reverse engineers share AdvIntel's most illuminating findings on subjects such as ransomware, political meddling, high-profile financial fraud & APT threats.
Search
- Nov 19, 2021
- 7 min
Corporate Loader "Emotet": History of "X" Project Return for Ransomware
By Yelisey Boguslavskiy & Vitali Kremez AdvIntel deep-dives into the contemporary threat landscape illustrating how Emotet’s return might...
- Sep 29, 2021
- 5 min
Backup “Removal” Solutions - From Conti Ransomware With Love
By Vitali Kremez & Yelisey Boguslavskiy This redacted report is based on our actual proactive victim breach intelligence and subsequent...
- Sep 8, 2021
- 7 min
Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret Inner Workings
By Yelisey Boguslavskiy & Anastasia Sentsova Key Takeaways: On September 7, 2021, a representative of the Groove ransomware syndicate...
- Aug 26, 2021
- 9 min
From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions
By Anastasia Sentsova A recent interview with a LockBit ransomware gang representative fulfills their purpose of promoting the syndicate...
![Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration](https://static.wixstatic.com/media/9d5cee_d7e6e25ead6a46099c16195765298b98~mv2.png/v1/fill/w_454,h_341,fp_0.50_0.50,q_95,enc_auto/9d5cee_d7e6e25ead6a46099c16195765298b98~mv2.png)
- Aug 16, 2021
- 2 min
Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration
By Vitali Kremez & Yelisey Boguslavskiy This report is based on our actual proactive victim breach intelligence and subsequent incident...
- Aug 11, 2021
- 3 min
Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent
By Vitali Kremez This report is based on our actual proactive victim breach intelligence and subsequent incident response (not a...
- Jun 29, 2021
- 8 min
Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
By Yelisey Boguslavskiy, Brandon Rudisel & AdvIntel Security & Development Team Four months ago two major vectors of vulnerabilities - MS...
- Jun 15, 2021
- 10 min
The Rise & Demise of Multi-Million Ransomware Business Empire
Vitali Kremez & Yelisey Boguslavskiy Executive Summary: On June 11, 2021, Avaddon ransomware responsible for numerous cyber incidents...
- Jun 7, 2021
- 4 min
From QBot...with REvil Ransomware: Initial Attack Exposure of JBS
Vitali Kremez & Yelisey Boguslavskiy At Advanced Intelligence, LLC we focus on providing *only* primary source proactive intelligence...
- May 14, 2021
- 5 min
From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution
Disclaimer: This is a redacted excerpt of the report published by the subject matter expert team at Advanced Intelligence for the...
- Apr 16, 2021
- 6 min
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
By Vitali Kremez, Al Calleo, Yelisey Boguslavskiy Ryuk ransomware infections have been observed since late 2018. Ryuk actors are...
- Mar 18, 2021
- 13 min
The Ransomware Plague: Is LATAM Surrendering to Digital Extortion?
By Beatriz Pimenta Klein This Research is the third part of the AdvIntel LATAM Series. To see other blogs within this series please...
- Feb 12, 2021
- 9 min
Breach of Trust: How Threat Actors Leverage Confidential Information Against Law Firms
Tyler Combs Key Takeaways Increasing digitization and the primacy of information in the modern economy has made effective cybersecurity...
- Oct 30, 2020
- 10 min
Cyber Privateers: Ransomware, APTs, & Botnets in the Maritime Industry Threat Landscape
By Brandon Rudisel Key Takeaways The maritime industry includes a wide variety of services with the main focus being on commercial and...
- Oct 26, 2020
- 5 min
An Interview with "UNKN" Sheds Light on REvil's Operations & Future Victims
By: Yelisey Boguslavskiy Key Takeaways: REvil believes that ransomware as a trend will entirely move towards data extraction and not...
- Jul 24, 2020
- 6 min
Inside "Phobos" Ransomware: "Dharma" Past & Underground
By Bridgit Sullivan What is Phobos Ransomware? Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in...
- Jul 15, 2020
- 14 min
Inside REvil Extortionist “Machine”: Predictive Insights
Takeaways Cybercrime groups often operate on traditional crime group behavioral patterns. REvil main collective group patterns are:...
- May 19, 2020
- 5 min
NetWalker Ransomware Group Enters Advanced Targeting “Game”
Background and Summary Throughout the COVID-19 crisis, there has been a drastic increase in the number of cyberattacks targeting the...
- Apr 6, 2020
- 7 min
Digital "Pharmacusa" IV: Fighting for Data, Hearts, Minds; How Maze “Ransomhack” Redefined Extortion
In the 1st century BC, a small island of Pharmacusa (Farmakonisi) became a scene of one of the most infamous ransom extortions in...