Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/screaminggoat/statuses/113595395625515647">screaminggoat (screaminggoat@infosec.exchange)'s status on Thursday, 05-Dec-2024 01:22:38 JST</a><a href="https://infosec.exchange/@screaminggoat" title="screaminggoat@infosec.exchange"><img src="https://gnusocial.jp/avatar/278335-48-20250102170004.webp" width="48" height="48" alt="screaminggoat" style="position: absolute; left: 0; top: 0;">screaminggoat</a></section><article><p>Rapid7: <a href="https://www.rapid7.com/blog/post/2024/12/04/black-basta-ransomware-campaign-drops-zbot-darkgate-and-custom-malware/" rel="nofollow noreferrer">Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware</a><br>Rapid7 reports a resurgence of activity from Black Basta ransomware operators in early October 2024 with new malware payloads, improved delivery, and increased defense evasion. They provide a technical analysis of the attack lifecycle. Indicators of compromise provided at their <a href="https://github.com/rapid7/Rapid7-Labs/blob/main/IOCs/BlackBasta_SocialEngineering_IOCs.txt" rel="nofollow noreferrer">GitHub repo</a> (EDIT: 404 file missing), and TTPs are mapped to MITRE ATT&amp;CK.</p><p><a href="https://infosec.exchange/tags/blackbasta" rel="tag">#blackbasta</a> <a href="https://infosec.exchange/tags/ransomware" rel="tag">#ransomware</a> <a href="https://infosec.exchange/tags/cybercrime" rel="tag">#cybercrime</a> <a href="https://infosec.exchange/tags/ioc" rel="tag">#ioc</a> <a href="https://infosec.exchange/tags/threatintel" rel="tag">#threatintel</a> <a href="https://infosec.exchange/tags/infosec" rel="tag">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" rel="tag">#cybersecurity</a> <a href="https://infosec.exchange/tags/cyberthreatintelligence" rel="tag">#cyberthreatintelligence</a> <a href="https://infosec.exchange/tags/CTI" rel="tag">#CTI</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4122505#notice-8055683">In conversation</a><time datetime="2024-12-05T01:22:38+09:00" title="Thursday, 05-Dec-2024 01:22:38 JST">about 4 months ago</time> <span>from <span><a href="https://infosec.exchange/@screaminggoat/113595395625515647" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@screaminggoat/113595395625515647">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
screaminggoat (screaminggoat@infosec.exchange)'s status on Thursday, 05-Dec-2024 01:22:38 JST screaminggoat
Rapid7: Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Rapid7 reports a resurgence of activity from Black Basta ransomware operators in early October 2024 with new malware payloads, improved delivery, and increased defense evasion. They provide a technical analysis of the attack lifecycle. Indicators of compromise provided at their GitHub repo (EDIT: 404 file missing), and TTPs are mapped to MITRE ATT&CK.
#blackbasta #ransomware #cybercrime #ioc #threatintel #infosec #cybersecurity #cyberthreatintelligence #CTI
In conversationabout 4 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice