The Ransomware Ecosystem: Roles, Tools, and How Modern RaaS Attacks Work
Ransomware is no longer just a malicious program deployed by a single attacker — it has evolved...
Read More
Smishing Triad Targets Egypt’s Financial Sector and Postal Services
Recently, during one of our threat hunting operations, our squad identified multiple malicious...
Read More
Threat Profile: APT35 (Charming Kitten)
Executive Summary APT35, also known as Magic Hound and Charming Kitten, is an Iranian state-backed...
Read More
Suspicious ScreenConnect Abuse by Threat Actors
Recently observed an uptick in threat actors abusing RMM tools for initial access via...
Read More
Threat Profile: Conti Ransomware Group
Executive Summary Conti ransomware, first identified in 2019, quickly became one of the most...
Read More
MuddyWater: Inside Iran’s Persistent Cyber-Espionage Group Targeting the Middle East
MuddyWater, a long-running Iranian cyber-espionage group affiliated with Iran’s Ministry of...
Read More
Marketing’s Shadow Twin: Cybercrime’s Use of Legitimate Online Platforms
Introduction digital analytics tools—such as link shorteners, location trackers, CAPTCHAs, and...
Read More
Scattered Spider – UNC3944: A Comprehensive and Detailed Threat Profile
Scattered Spider (also known by aliases such as 0ktapus, Muddled Libra, Roasted 0ktapus, Scatter...
Read More
Qilin Ransomware: A Deep Dive into Operations & OPSEC Breakdowns
A Major Power Shift: The Sudden Disappearance of RansomHub One of the most pivotal developments in...
Read More
Critical SharePoint Vulnerability CVE-2025-53770: Remote Code Execution via ViewState Abuse
On the evening of July 18, 2025, active and large-scale exploitation of a newly discovered...
Read More