Threat Actor Groups
Executive Summary – Shadow Syndicate
Executive Summary In late 2024, Darktrace identified multiple instances of RansomHub ransomware attacks linked to the ShadowSyndicate threat group. ShadowSyndicate, active since 2022, has been associated with several ransomware families and sophisticated tools, including Cobalt Strike and Sliver. Their latest collaboration with RansomHub, a rising Ransomware-as-a-Service (RaaS) operator, underscores an evolving threat landscape. This report…
Read MoreREMCOS Remote Control & Surveillance Software
What Is Remcos? aka: RemcosRAT, Remvio, Socmer Actor(s): APT33, The Gorgon Group, UAC-0050 Remcos (short for Remote Control and Surveillance) is a commercial system administration application for XP and newer versions of Windows that threat actors have weaponized. Remcos is a closed-source application designed for network maintenance, system monitoring, surveillance, and penetration testing, but attackers use it to…
Read More