← Find more feeds

thedfirreport.com

The DFIR Report

Get the latest updates from The DFIR Report directly as they happen.

Follow now 187 followers

Latest posts

Last updated 6 days ago

Hide Your RDP: Password Spray Leads to RansomHub Deployment

6 days ago

Key Takeaways Case Summary This intrusion began in November 2024 with a...

Read full

Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware

about 2 months ago

Key Takeaways The DFIR Report Services Table of Contents: Case Summary In...

Read full

Navigating Through The Fog

2 months ago

Key Takeaways An open directory associated with a ransomware affiliate, likely linked...

Read full

Fake Zoom Ends in BlackSuit Ransomware

3 months ago

Key Takeaways Case Summary This case from May 2024 started with a...

Read full

Confluence Exploit Leads to LockBit Ransomware

4 months ago

Key Takeaways Case Summary The intrusion started with the exploitation of CVE-2023-22527...

Read full

Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware

5 months ago

Key Takeaways Case Summary This intrusion began near the end of January...

Read full

The Curious Case of an Egg-Cellent Resume

7 months ago

Key Takeaways Private Threat Briefs: Over 20 private DFIR reports annually. Threat...

Read full

Inside the Open Directory of the “You Dun” Threat Group

8 months ago

Key Takeaways The DFIR Report Services Reports such as this one are...

Read full

Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware

9 months ago

Key Takeaways Table of Contents: Case Summary Services Analysts Initial Access Execution...

Read full

BlackSuit Ransomware

10 months ago

Key Takeaways In December 2023, we observed an intrusion that started with...

Read full

Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts

11 months ago

Key Takeaways The DFIR Report Services Contact us today for pricing or...

Read full

Everything you care about in one place

The DFIR Report

Latest posts

Hide Your RDP: Password Spray Leads to RansomHub Deployment

Another Confluence Bites the Dust: Falling to ELPACO-team Ransomware

Navigating Through The Fog

Fake Zoom Ends in BlackSuit Ransomware

Confluence Exploit Leads to LockBit Ransomware

Cobalt Strike and a Pair of SOCKS Lead to Lockbit Ransomware

The Curious Case of an Egg-Cellent Resume

Inside the Open Directory of the “You Dun” Threat Group

Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware

BlackSuit Ransomware

Threat Actors’ Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment

Try Feeder for free