Threat Research

    This report examines a recent ransomware attack by the BlackSuit group, a successor to the Royal ransomware family. Known for its hybrid tactics, BlackSuit combines data exfiltration with encryption, using advanced tools like PsExec, Cobalt Strike, RDP, and rclone to execute commands, move laterally, and extract data....
    In March 2025, the PebbleDash backdoor malware, previously linked to the Lazarus group, was observed being distributed in new campaigns targeting individuals. The latest activity includes the use of additional malware and modules alongside PebbleDash to enhance its capabilities....
    Earth Koshchei executed a sophisticated attack campaign using rogue Remote Desktop Protocol (RDP) tactics. The group employed red team tools for espionage and data exfiltration, utilizing spear-phishing emails to trick victims into connecting to malicious RDP servers via a compromised configuration file....
    The report "Midnight Blizzard Conducts Large-Scale Spear-Phishing Campaign Using RDP Files" highlights a sophisticated phishing operation conducted by the threat actor group known as Midnight Blizzard. The campaign involves sending malicious Remote Desktop Protocol (RDP) files to targeted individuals to gain unauthorized access to their systems....