Attack Type: Malware/Ransomware

Malware and Ransomware attacks are designed to infect your system through things like fake invoices, password-protected attachments, or files disguised as routine business documents. Once opened, they quietly install malicious software that can steal data, encrypt files, or open the door for more serious threats.
You might see things like macro-enabled Office documents, HTML attachments, or ZIP files that require a password. These are tricks to get around email filters and convince you to interact. Once the malware runs, it can connect to attacker-controlled servers, spread across your network, and even bring in more payloads.
Ransomware is especially damaging. It locks up your files and demands a payment—usually in cryptocurrency—to get them back. Some attackers also steal data and threaten to leak it if the ransom isn’t paid, a tactic known as double extortion. The impact can be severe, including downtime, lost data, financial loss, and reputational damage.
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Attachment: PDF with suspicious document view lure
2d ago
Jul 14th, 2026
Sublime Security
Malformed URL prefix
2d ago
Jul 14th, 2026
Sublime Security
Observed IOC: Malicious sender email addresses
7d ago
Jul 9th, 2026
Sublime Security
AnonymousFox indicators
8d ago
Jul 8th, 2026
Sublime Security
Open redirect: JustPaste.it
14d ago
Jul 2nd, 2026
Sublime Security
Attachment: PDF with quote lure
15d ago
Jul 1st, 2026
Sublime Security
Link: Google Cloud Storage redirect to external domain
16d ago
Jun 30th, 2026
Sublime Security
Attachment: PDF with localhost IP in EXIF title metadata
17d ago
Jun 29th, 2026
Sublime Security
Observed IOC: Malicious sender domains
17d ago
Jun 29th, 2026
Sublime Security
Brand impersonation: Google Drive fake file share
20d ago
Jun 26th, 2026
Sublime Security
Attachment: Malicious zip file matching zipline campaign
21d ago
Jun 25th, 2026
Sublime Security
Attachment: PDF Object Hash associated with fake Canada Revenue Agency documents
29d ago
Jun 17th, 2026
Sublime Security
Attachment: Fake PDF Invoices Yara
30d ago
Jun 16th, 2026
Sublime Security
Attachment: MS OOXML file created by Administrator with zero edit time
1mo ago
Jun 12th, 2026
Sublime Security
Observed IOC: Malicious sender root domains
1mo ago
Jun 12th, 2026
Sublime Security
Service abuse: Suspicious Datadog alert
1mo ago
Jun 11th, 2026
Sublime Security
Observed IOC: Malicious domains in body links
1mo ago
Jun 10th, 2026
Sublime Security
Attachment: PDF Object Hash with Blue File Icon
1mo ago
Jun 5th, 2026
Sublime Security
VIP Impersonation via Google Group relay with suspicious indicators
1mo ago
Jun 5th, 2026
Sublime Security
Attachment with auto-executing macro (unsolicited)
1mo ago
Jun 5th, 2026
Sublime Security