18 min
Incident Response
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators.
16 min
Ongoing Social Engineering Campaign Refreshes Payloads
On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing Techniques, Tactics, and Procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7.
15 min
Managed Detection and Response (MDR)
Ongoing Malvertising Campaign Leads to Ransomware
Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains.