Nemucod arrives via fake shipping invoice emails and, once opened, downloads malware and encryption components stored on compromised websites. Nemucod would have been crowned the most malicious spam email if Locky hadn’t reignited in August.
Inception: Historically, the hackers behind Nemucod teamed up with TeslaCrypt, which was huge in 2015 and 2016; in 2017, they made their own ransomware variant.
Attack vector: Spam email
The worldwide Accellion #cyberattacks appear to have originated from the infamous Clop #ransomware gang. https://wbrt.io/2P5E1Ln
Our #BrightCloud Threat Intelligence associated the IP address of the SolarWinds Orion update with a botnet in the summer of last year.
A properly configured security tool using our #threatintelligence data would have blocked comms with the C&C server. https://wbrt.io/3aQsjv7