January 29, 2023

TSD #026: 🇺🇸 USA vs 🐝 HIVE ransomware. Who wins?

Hello friend 👋

I hope you're doing well! This week has been awesome. Lots going on. Let's dive in:


One of the first YouTube videos I made was on the shadowy world of ransomware. I shot it on my iPhone, I'll link it below. In that video, I show you Group-IB's report on the HIVE ransomware. HIVE is a reasonably successful ransomware gang, adding around a dozen new victims every month. They're not as infamous as LockBit, Conti or REvil, but they're still causing mayhem. This week, the US Department of Justice shut HIVE down, saving almost $150,000,000 USD in ransom demands and unlocking victim networks.

The FBI said that they hacked into the HIVE servers and got their hands on over 300 decryption keys. I guess HIVE need to work on their blue team skills. It's important to remember that the perpetrators are still at large. There's no reason to suggest they won't regroup and make HIVE 2.0. Keep an eye out for arrests or a new version of HIVE in a few months.

CREST x Hack The Box

I was shocked (in a good way) when I saw this. A new collaboration was just announced between CREST and Hack The Box. CREST is a cyber security accreditation body whose certifications are pretty popular within the banking sector. If you're on Hack The Box, you'll see a new learning pathway that guides you towards the CREST pen testing and red teaming exams! HTB just keeps getting better and better!

You can get in touch with me by simply hitting reply. I respond to every email that hits my inbox.

Until next week,

Gary ✌️

Fun Things This Week

🎙 My Ransomware Video

Ransomware, Explained: Check out my explainer on the world of ransomware and see some of the stats and admin systems in use.

🎙️ Products

I've been fairly busy over the last week doing some quality-of-life upgrades to my website. I get asked a lot of questions about the tools that I use. So I've moved the gear list to its own dedicated page, rather than a blog post. If you're interested in building an ecosystem similar to mine, I list most of the gear I use on this page. I'll keep this page up-to-date so you can use it as a point of reference.

👾 Cool Tools

Kali Purple is a crazy, crazy tool that I'm yet to test. It's a SOC-in-a-box and it looks absolutely nuts. It's a blue team, red team, defensive, virtualisation tool. Honestly, just go read the GitLab entry for it and check out the screenshots. I think this is more of a month-long project than a weekend thing!

BlueHound is an open-source tool that helps blue teams pinpoint the security issues that matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network.

Whenever you’re ready, there are a few ways I can help you:

1. If you'd like to learn how to create content to raise your online profile, I have a free email crash course and a whole series of video workshops.

2. If you want to land a career in cyber security but don't know where to start, your best bet is through my SWITCHFIRE guide.

3. If you'd like to promote yourself or your business and help keep this newsletter free to its readers, you can sponsor it by dropping me an email.
