Void Rabisu, an intrusion set associated with ransomware attacks and campaigns against Ukraine and its supporters, has primarily targeted government and military entities, using tactics common among cybercriminals and nation-state-sponsored actors. The primary tool used by the group is the ROMCOM backdoor. Interestingly, Void Rabisu exploited a zero-day vulnerability, CVE-2023-36884, in two separate campaigns, one of which specifically targeted attendees of the 2023 Women Political Leaders Summit (WPL) in Brussels.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some