Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Threat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to g...
NSO
Unknown
auto-detected
AI Intelligence Brief cached
Edit Profile
Entity Relationships
Related YARA Rules View all on YARA Rules page →
90-Day Activity
Last 90 Days (162)
Last 90 Days
All Time
The Gentlemen are coming for your files, and then your network
Ransomware operators have spent years refining the art of locking files. Now, some are working harder to get those lockers to every reachable system first.
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Kore...
Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)
Using the data collected over the past year and using Kibana these two ES|QL query to summarize the data, this shows the list of the most uploaded threat to ...
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines pe...
MyPillow listed on ransomware gang’s leak site, but denies it has been breached
A notorious ransomware gang claims to have stolen MyPillow's private data, but CEO Mike Lindell calls it a politically motivated "hit job." With the countdow...
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
U.S.
Experts on Experts: Why Compliance is becoming Continuous
This week on Experts on Experts, I’m joined by Sergio Alonso – Rapid7’s Director of Trust, Risk, and Compliance – to talk about how compliance is changing an...
Qumulo NeuralProtect uses AI to detect and stop ransomware before encryption
Qumulo has unveiled Qumulo NeuralProtect, a ransomware resilience solution built to protect data at the storage layer by detecting and stopping threats befor...
Supply Chain Compromises Impact Nx Console and GitHub Repositories
CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Contin...
2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here.
Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns
Geopolitical pressure drove much of the state-sponsored cyber activity recorded between October 2025 and March 2026, according to ESET’s latest APT Activity ...
Silent Ransom Impersonates IT Support to Target Law Firms
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitiv...
FBI warns law firms of in-person data theft by Silent Ransom Group
SRG actors initiate attacks by posing as IT support staff, contacting victims via phone calls or phishing emails to solicit a remote desktop session.
Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)
Most Akira write-ups focus on the ransom note or the encryption routine. By the time those show up the interesting forensic work is over.
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Silent Ransom Group isn’t prolific, but it's demonstrated a knack for attacking the legal services sector with an extraordinary dual use of social engineerin...
Mass database extortion causes significant damage despite low payment rates
The Ransomnews Research Team's five-year study, spanning from May 2021 to May 2026, analyzed over 65,000 exposed databases, finding that 46.3% contained rans...
Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ off...
FBI warns of in-person data theft attacks from extortion gang
The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.
LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
The attack was claimed by a hacktivist group, but evidence showed it used infrastructure linked to Iranian government threat actors. The post LA Metro Cybera...