tag = "Ransomware"

Emotet Tops Payload Attack Volume in Q2

Emotet contributed to just over 47% of all attacks targeting corporate users in Q2, narrowly surpassing the former leader QBot.

Building Cybersecurity Resilience in Financial Services

Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the personally identifiable information (PII) and other sensitive IP they maintain.

Qbot Payloads Dominate Q1

Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022.

Qbot, ZLoader Represent 89% of Payload Volume in Q4

Qbot and ZLoader payloads targeting enterprises contributed to almost 89% of email-based malware volume in Q4.

Despite their Simplicity, New Emotet Attacks Forecast Threatening Future

PhishLabs has recently observed attacks targeting enterprises with Emotet payloads for the first time since January, when coordinated efforts by authorities to disrupt operations led this family of threat actors to halt activity.

Initial Access Brokers: Selling Entry into Your Network

In this post, we take a look at Initial Access Brokers (IABs), popular ransomware affiliates that sell access to compromised networks.

BazaLoader Leads Payloads as Families Fluctuate, Players Broaden

As ransomware continues to improve its tactics and break records, PhishLabs is monitoring payload families reported in user inboxes that are used to facilitate these attacks.

The Most Prevalent Threats to Corporate Inboxes

In this post, we discuss the top threat types reaching corporate inboxes, and what these attacks mean for security teams.

Qbot Leads Payload Volume in Q2

PhishLabs is monitoring payload families reported in user inboxes. In this piece, we break down the top malware targeting enterprises in Q2.

Ransomware Playbook: Defense in Depth Strategies to Minimize Impact

Access our Ransomware Playbook: Defense in Depth Strategies to Minimize Impact where we address actions that will minimize the impact of a ransomware attack.

ZLoader Dominates Email Payloads in Q1

Malicious payloads delivered via email phishing continue to drive access to sensitive infrastructures and result in data compromise for enterprises.

Surge in ZLoader Attacks Observed

PhishLabs has observed a spike in malicious emails distributing ZLoader malware.

Emotet Dismantled, Trickbot, ZLoader, and BazarLoader Step In

While it remains to be seen whether or not Emotet's operations are permanently offline after its recent disruption, we are monitoring any increases in subsequent malware variants and corresponding ransomware attacks.

Sharp Increase in Emotet, Ransomware Droppers

PhishLabs has analyzed these early stage loaders and observed a dramatic increase in ransomware droppers delivered via email.

Year In Review: Ransomware

In 2020, cybercrime has seen a dramatic evolution in ransomware attacks. This threat type has adopted increasingly malevolent tactics and targeted some of the year's most vulnerable industries.

Ransomware Groups Break Promises, Leak Data Anyway

Data stolen in ransomware attacks is frequentlybecoming public even after the victim has paid.

Encryption to Double Extortion: Ransomware’s Rapid Evolution

Data leaks and ransomware - once considered two distinct threats - are overlapping into a hybrid ransomware tactic known as double extortion.

WannaCry, NotPetya and the Rest: How Ransomware Evolved in 2017

WannaCry and NotPetya stole the headlines, but what happened to the overall ransomware landscape in 2017?

Alma Ransomware: Analysis of a New Ransomware Threat (and a decrypter!)

PhishLabs recently observed a new type of ransomware, called Alma Ransomware, being delivered via exploit kit. PhishLabs has written a decrypter / decryptor.