Sophos X-Ops has investigated four different ransomware attacks, one including Hive, two by Royal, and one by Black Basta, and noticed distinct similarities between the attacks. Sophos is tracking and monitoring the attacks as a “cluster of threat activity” that defenders can use to speed up detection and response times. Knowing highly specific attacker behavior helps manage detection and response teams react faster to active attacks. It also helps security providers to create stronger protections for customers.
Read more: https://www.helpnetsecurity.com/2023/08/09/ransomware-attacks-similarities/