BushidoUK RVM Profile: RansomHub

Date
18 Jun 2026
Actor
ransomhub
Type
Threat-actor
Country
United Kingdom
Sector
-
Confidence
high
55
Analytical priority
Medium

Based on actor, country, IOCs, TTPs, leak and context quality.

1 IOCs
0 TTPs
Actor: ransomhub
Country: United Kingdom
Executive Summary
Profile of the ransomware group according to the BushidoUK Ransomware Vulnerability Matrix. Includes known vulnerabilities, tools and associated TTPs.

Key Points

  • Source: BushidoUK RVM GroupProfiles
  • BushidoUK RVM Repository

Group Profile: RansomHub

RansomHub's Exploited Vulnerabilities

> [!NOTE]
> This is the list of vulnerabilities that have been observed during intrusions that lead to RansomHub ransomware deployment

Apache

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| ActiveMQ | CVE-2023-46604 | RansomHub | cisa.gov |

Atlassian

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Confluence Data Center & Server | CVE-2023-22515 | RansomHub | cisa.gov |

Citrix

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| NetScaler ADC & Gateway | CVE-2023-3519 | RansomHub | cisa.gov |

Fortinet

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| FortiOS SSL-VPN & FortiProxy | CVE-2023-27997 | RansomHub | cisa.gov |
| FortiClientEMS | CVE-2023-48788 | RansomHub | cisa.gov |

F5

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| BIG-IP | CVE-2023-46747 | RansomHub | cisa.gov |

Windows

| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| NetLogon | CVE-2020-1472 ("ZeroLogon") | RansomHub | cisa.gov |
| BITS | CVE-2020-0787 | RansomHub | cisa.gov |
| SMBv1 | CVE-2017-0144 ("EternalBlue") | RansomHub | cisa.gov |

---

#### Sources

| Date Published | Report |
|---|---|
| 29 August 2024 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-242a |

References

Diamond Model

Adversary
ransomhub
Victim
BushidoUK RVM Profile: RansomHub
United Kingdom
Capability
Threat-actor
Infrastructure
www.cisa.gov

Indicators of Compromise (IOCs)

| Type | Value | Context | OSINT |
|---|---|---|---|
| Domain | www.cisa.gov | Extracted from the content | VT, OffSec, SOCRadar |
