Threat Research

    Osiris ransomware is a modern, enterprise-focused threat that conducts targeted intrusions involving deep network compromise, data exfiltration, and double-extortion tactics before encrypting victim systems....
    In early 2025, researchers identified a surge of ransomware attacks abusing the SimpleHelp Remote Monitoring and Management (RMM) platform, widely used by MSPs and software vendors. Threat groups such as Medusa and DragonForce exploited three vulnerabilities — CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728 — to infiltrate downstream customer networks....
    The intrusion started with a JavaScript file linked to the Lunar Spider group, disguised as a tax form, which downloaded and executed Brute Ratel via an MSI installer. Throughout the attack, various malware strains were deployed, including Latrodectus, Brute Ratel C4, Cobalt Strike, BackConnect, and a custom .NET backdoor....
    This report examines a recent ransomware attack by the BlackSuit group, a successor to the Royal ransomware family. Known for its hybrid tactics, BlackSuit combines data exfiltration with encryption, using advanced tools like PsExec, Cobalt Strike, RDP, and rclone to execute commands, move laterally, and extract data....