royal (3)

13676122864?profile=RESIZE_400xUS law enforcement agencies provided new details on an operation that dismantled critical infrastructure used by the BlackSuit ransomware gang after the organization’s leak site was replaced with a takedown banner nearly two weeks ago.

The group, which rebranded from its Royal name after a devastating 2023 attack that shut down the City of Dallas, successfully attacked more than 450 entities in the US.   Since emerging in 2022, the gang secured more than $370 million in ransom payments, accordin

Red Sky Alliance would like to share a technical report through a recent joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. 

Visit stopransomware.gov t

10921093279?profile=RESIZE_400xThe popular Royal ransomware is being used by skilled bad actors who used to be part of Conti Team One.  Between September and December 2022, Royal ransomware was used in numerous cyberattacks, which earlier this month prompted the US Department of Health and Human Services (HHS) cyber analysts to warn healthcare organizations of the risks associated with this threat.  Royal is the rebranded version of Zeon ransomware, which emerged earlier this year and was associated in August 2022 with Conti