Understanding the Phobos affiliate structure and activityNovember 17, 2023 08:01
Cisco Talos identified the most prolific Phobos variants, TTPs and affiliate structure, based on their activity and analysis of over 1,000 samples from VirusTotal dating back to 2019. We assess with moderate confidence Eking, Eight, Elbie, Devos and Faust are the most common variants
What Cisco Talos knows about the Rhysida ransomwareAugust 8, 2023 15:36
The group appears to commonly deploy double extortion — of the victims that have been listed on the leak site, several of them have had some portion of their exfiltrated data exposed.
New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomwareAugust 7, 2023 08:00
Cisco Talos discovered an unknown threat actor, seemingly of Vietnamese origin, conducting a ransomware operation that began at least as early as June 4, 2023 with customized Yashma ransomware.