Latest Posts
03 Mar 2025
Identity Reveal: The Threat Actor Behind ZATCA SAUDI ARABIA Leaks
On May 11, 2024, we observed numerous security reports about ZATCA Saudi Arabia access being offered for sale on one of the most well-known dark web forums (BreachForums) by a threat actor known as “gettexik”. So, our DarkAtlas Squad initiated an investigation into this threat actor. We began tracking him and successfully discovered his BreachForums account […]
25 Nov 2024
Helldown Ransomware Analysis
Introduction: Helldown ransomware, first identified in August 2024, is a recent addition to the ransomware landscape, known for its aggressive tactics and sophisticated encryption methods. This malware encrypts a wide range of file types, appending a unique extension to each, and leaves a ransom note instructing victims on payment procedures, typically demanding cryptocurrency. Notably, Helldown […]
13 Oct 2024
Fog Ransomware – Technical Analysis
What is Fog? In June, [Arctic Wolf Labs] reported the deployment of a new ransomware named Fog Ransomware. According to their report, the ransomware was seen in several incident response cases affecting education and recreation centers in the United States. The investigation revealed that the attackers gained access to victims through compromised VPN credentials, […]