The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.

Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical behavior.