Ransomware: Activity Levels Remain High Despite Disruption

216.73.216.6

Ransomware: Activity Levels Remain High Despite Disruption

· Published 11/07/2024 13:06 · Modified 11/07/2024 13:35

Essential information

Published: 11/07/2024 13:06
Modified: 11/07/2024 13:35
Tags: 2024-07-11 CVE-2024-4577 akira alphv blackcat blacksuit cyclops blink disruption encryption lockbit noberus phobos qilin ransomware tellyouthepass vulnerability warp av killer
Related entities: 1 vulnerabilities (cve), 27 observables, 16 techniques (mitre), 12 malware

Description

While overall activity levels dipped slightly in the first quarter of 2024, the number of claimed attacks remained high, with LockBit accounting for over 20%. The report explores the changing tactics employed by ransomware actors, including the exploitation of vulnerabilities, the use of Bring-Your-Own-Vulnerable-Driver techniques, and the return of the Clop ransomware by the Snakefly group.

Related entities

External references

https://symantec-enterprise-blogs.security.com/threat-intelligence/ransomware-q2-2024
https://otx.alienvault.com/pulse/668fd8ec788983816343aa3a

Ransomware: Activity Levels Remain High Despite Disruption

Essential information

Description

Related entities

Vulnerabilities (CVE) (1)

Observables (27)

Techniques (MITRE) (16)

Malware (12)

External references