Skip to content
      Featured Incident Response Threat Research

      Revealing Emperor Dragonfly: Night Sky and Cheerscrypt - A Single Ransomware Group

      Sygnia recently investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs. Further analysis revealed that Cheerscrypt and Night Sky are both...

      Read More

      Incident Response

        Filter by Topic

        Blog Post
        Incident Response Threat Hunting

        Threat Actor Spotlight: RagnarLocker Ransomware

        Key Takeaways The FBI’s Internet Crime Complaint Center (IC3) recently published their internet crime report for 2022. The report indicates that during 2022 there was an... Read More
        Incident Response
        Threat Hunting Blog Post

        Incident Response in Google Cloud: Forensic Artifacts

        Key Takeaways Forensic data across Google Cloud can logically be organized into three categories: Identity Management, Google Workspace Apps, and Google Cloud Platform... Read More
        Community Tool
        Incident Response Threat Hunting Blog Post

        Incident Response in Google Cloud: Foundations

        Key Takeaways Although Google Cloud is becoming more widely used, research and documentation surrounding incident response is limited, and for many aspects non-existent. ... Read More
        Featured Incident Response Threat Research

        Revealing Emperor Dragonfly: Night Sky and Cheerscrypt - A Single Ransomware Group

        Sygnia recently investigated a Cheerscrypt ransomware attack which utilized Night Sky ransomware TTPs. Further analysis revealed that Cheerscrypt and Night Sky are both... Read More
        Blog Post
        Featured Incident Response Threat Hunting

        Vice Society Ransomware Group: Threats to Health & Education Sector

        Read More
        Blog Post
        Featured Incident Response Threat Hunting

        Vice Society TTPs: Insights from a Real-World Ransomware Investigation

        Key Takeaways Vice Society is a ransomware group that has been carrying out double extortion attacks for over a year. While continuing to wage attacks, the group remains... Read More