All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Ransom-ISAC Research Team ([email protected])

6 articles found across 1 feed

Appears on

Articles6

New Tool in the Wild: Bluekit Dashboard (Beta)

A threat advisory on Bluekit, a phishing-as-a-service platform advertised as an accessible, anonymity-focused alternative to Evilginx Pro and Tycoon2FA β€” 40+ templates, 2FA interception, device/geolocation spoofing, and no vetting requirements.

0
Ransom-ISAC Blog3mo ago

Supply Chain Confidence: What Every Organisation Needs to Know

A threat advisory covering TeamPCP’s multi-stage supply chain campaign through Trivy, npm, LiteLLM, Telnyx, and Axios β€” with 11 prioritised defensive recommendations for organisations of all sizes.

0
Ransom-ISAC Blog3mo ago

The Gentlemen Ransomware Group β€” Leak Analysis

A 120-minute technical intelligence whitepaper analysing the leaked Rocket.Chat corpus of The Gentlemen RaaS β€” 3,366 messages, 66 confirmed victims, custom G-BOT C2, Fortinet exploitation, AI-assisted operations, and a moderate-high confidence assessment of Black Basta successor lineage.

0
Ransom-ISAC Blog1mo ago

The Gentlemen Leak Analysis (Part 2) β€” JA456 Follow-on

Analysis of JA456, a follow-on package to the original Gentlemen Leaks that exposes operator-side artifacts β€” MEGA session history, a Synology NAS shadow dump, and wipe-in-progress screenshots β€” yielding rare attribution pivots including an early residential Izhevsk IP.

0
Ransom-ISAC Blog1mo ago

ShinyHunters: Silent Malware as a Service (MaaS)

A full malware analysis of Illusion-2.6.5-setup.exe β€” a deployment of Silent Stealer v2.6.5 and integrated RAT sold as a Malware-as-a-Service and distributed via Telegram under the ShinySpider alias, with an exposed operator panel that maps the complete C2 infrastructure and capability set.

0
Ransom-ISAC Blog1mo ago

Kali365 PhaaS Kit: OAuth Device-Code Phishing Enables MFA-Satisfied Token Theft

End-to-end reverse engineering of the Kali365 (K365) Microsoft 365 Phishing-as-a-Service operator client, purchased web panel, and payment infrastructure β€” revealing OAuth device-code phishing (RFC 8628) that satisfies MFA legitimately to steal long-lived refresh tokens.

0
Ransom-ISAC Blog8d ago
Ransom-ISAC Research Team (noreply@ransom-isac.org): Articles | FeedBagel