April 12, 2022 Attackers linger on government agency computers before deploying Lockbit ransomware Threat actors spent more than five months remotely googling for tools from the target's machines Security OperationsThreat Research
January 25, 2022 Windows services lay the groundwork for a Midas ransomware attack Attackers took two months to craft and install PowerShell scripts as services before deploying the ransomware Threat Research
December 22, 2021 Avos Locker remotely accesses boxes, even running in Safe Mode Infections involving this relatively new ransomware-as-a-service spiked in November and December SophosLabs UncutThreat Research