Just Another Blue TeamerJun 24, 2025

Good day everyone!

A little while ago I stumbled across an article from Trend Micro that discussed the #Anubis ransomware and its abilities to act both as a ransomware and a wiper. Now it appears that the group has gained sensitive documents related to Disneyland Paris's plans for new rides and renovations (Anubis X post is in the article). Not trying to fear-monger or anything but it goes to show how these groups will adapt their TTPs and behaviors to get to any organization.

Anubis Ransomware Lists Disneyland Paris as New Victim
https://hackread.com/anubis-ransomware-lists-disneyland-paris-new-victim/

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Anubis Ransomware Lists Disneyland Paris as New Victim

Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Show threadJust Another Blue Teamer

Not to beat a dead horse, but deleting shadow copies is a very common behavior that many ransomware strains use. So if you are on the hunt, let us help you with this Community Hunt Package!

Shadow Copies Deletion Using Operating Systems Utilities
https://hunter.cyborgsecurity.io/research/hunt-package/2e3e9910-70c1-4822-804a-ee9919b0c419

#huntoftheday #gethunting

Intel 471 | HUNTER

Jun 24, 2025 at 4:34pmWeb