In February and June, the ASEC Analysis team posted in the blog about LockBit 2.0 ransomware being distributed via email. In this blog, we will introduce the new version of the LockBit 3.0 ransomware that is still being distributed through similar method. While in June there were multiple cases of the ransomware being distributed disguised as a copyright-related email, recently
Month: September 2022
By Jon Peterson
After announcing in May of this year that it would take up an exploratory initiative to sell its headquarters property in San Francisco located at 180 Howard Street, the State Bar of California has made the decision to put up for sale its property, as confirmed by the property owner in an email. No pricing guidance was
In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates.
In this intrusion, we see the threat actor use BumbleBee to deploy Cobalt Strike and Meterpreter. The threat actor then used RDP and SMB to move around the network looking