RansomHub Emerges as Leading Ransomware Group After LockBit Takedown

December 23, 2024 – RansomHub has ascended as the leading ransomware-as-a-service (RaaS) group following the dismantling of LockBit earlier this year, according to ESET’s Threat Report H2 2024, highlighted by TechTarget. The report tracks evolving ransomware trends, including emerging threat groups and a notable rise in macOS-targeted attacks. Operation Cronos, a joint law enforcement operation…

US and Israel Warn of Iranian Threat

US and Israel Warn of Iranian Threat Actor’s New Tradecraft: Ransomhub Decryptor Team Tracks Cotton Sandstorm Evolving Tactics

The United States and Israel have issued a joint advisory warning about the evolving tactics of the Iranian state-sponsored threat actor Cotton Sandstorm. This group, also known as Marnanbridge and Haywire Kitten, has significantly adapted its cyber capabilities, incorporating new tradecraft and leveraging advanced tools such as generative AI. As these shifts have global implications,…

CISA Warns of Critical Software Vulnerabilities in Industrial Devices: Ransomhub Decryptor Team Urges Immediate Action for Mitigation

CISA Warns of Critical Software Vulnerabilities in Industrial Devices: Ransomhub Decryptor Team Urges Immediate Action for Mitigation

The Ransomhub Decryptor Team has echoed the urgent call from the US Cybersecurity and Infrastructure Security Agency (CISA) for manufacturing companies to implement security mitigations after several vulnerabilities were discovered in systems by Rockwell Automation and Mitsubishi Electric. These vulnerabilities present serious risks to industrial control systems (ICS), and immediate action is necessary to safeguard…

Ransomhub Decryptor

Ransomhub Decryptor Team Found that Chinese Hackers Are Becoming Stealthier

Over the last five years, the Ransomhub Decryptor Team has been at the forefront of tracking the evolving tactics of Chinese Advanced Persistent Threat (APT) groups, such as APT41 (also known as Winnti), APT31, and Volt Typhoon. Our team, in collaboration with other cybersecurity vendors, governments, and law enforcement agencies, has witnessed a significant shift…

Ransomhub Ransomware

Ransomhub Ransomware Group Claims Attacks on Over 356 Companies Worldwide

Since its emergence in mid-February 2024, the Ransomhub ransomware group has made a significant impact on the global cybersecurity landscape by reportedly attacking more than 356 companies across various sectors. These assaults have involved extortion through sophisticated encryption techniques and data leaks, causing widespread concern among organizations regarding their cybersecurity posture. The group, which operates…