IBM X-Force has been monitoring the evolution of Russian threat actor Hive0051’s malware capabilities for the past 18 months, noting significant advances. Key improvements include a multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and fileless PowerShell versions of Gamma malware. Hive0051’s escalating activity, including an increase in active infections and unique malicious domains, signifies an elevation of resources and ongoing operations.

United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian-Israeli national, has been extradited to the U.S. for his role as a developer in the LockBit ransomware group. Arrested