Threat Intelligence

Segway store compromised with Magecart skimmer - Magecart Group 12 is still alive and well in the latest attack against popular brand Segway.

Threat Intelligence

Segway store compromised with Magecart skimmer

January 24, 2022 - Magecart Group 12 is still alive and well in the latest attack against popular brand Segway.

Read more
Ransomware targets Edge users - The Magnitude exploit kit is trying to trick users into downloading ransomware disguised as a Microsoft Edge update.

Threat Intelligence

Ransomware targets Edge users

January 12, 2022 - The Magnitude exploit kit is trying to trick users into downloading ransomware disguised as a Microsoft Edge update.

Read more
Patchwork APT caught in its own web - The Patchwork APT, an Indian group targeting Pakistan exposes themselves with their own RAT

Threat Intelligence

Patchwork APT caught in its own web

January 7, 2022 - The Patchwork APT, an Indian group targeting Pakistan exposes themselves with their own RAT

Read more
Dridex affiliate dresses up as Scrooge - Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns (malspam) we and others have observed appear to have been created by someone who wants to play Scrooge and add onto people’s already heightened state of anxiety. The lures are particularly mean...

Threat Intelligence

Dridex affiliate dresses up as Scrooge

December 23, 2021 - Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns (malspam) we and others have observed appear to have been created by someone who wants to play Scrooge and add onto people’s already heightened state of anxiety. The lures are particularly mean...

Read more
SideCopy APT: Connecting lures to victims, payloads to infrastructure - Last week, Facebook announced it had taken action against a Pakistani APT group known as SideCopy. In this blog post we provide additional details about SideCopy that have not been published before.

Threat Intelligence

SideCopy APT: Connecting lures to victims, payloads to infrastructure

December 2, 2021 - Last week, Facebook announced it had taken action against a Pakistani APT group known as SideCopy. In this blog post we provide additional details about SideCopy that have not been published before.

Read more
Malwarebytes CrackMe – contest summary - We announce the results of the 3rd Malwarebytes Crackme!

Threat Intelligence

Malwarebytes CrackMe – contest summary

November 19, 2021 - We announce the results of the 3rd Malwarebytes Crackme!

Read more
TrickBot helps Emotet come back from the dead - The infamous Emotet makes yet another comeback despite having been severely dismantled earlier this year.

Threat Intelligence

TrickBot helps Emotet come back from the dead

November 16, 2021 - The infamous Emotet makes yet another comeback despite having been severely dismantled earlier this year.

Read more
A multi-stage PowerShell based attack targets Kazakhstan - We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.

Threat Intelligence

A multi-stage PowerShell based attack targets Kazakhstan

November 12, 2021 - We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.

Read more
Credit card skimmer evades Virtual Machines - After code obfuscation, anti-debugger tricks we now see virtual machine detection used by credit card skimmers.

Threat Intelligence

Credit card skimmer evades Virtual Machines

November 3, 2021 - After code obfuscation, anti-debugger tricks we now see virtual machine detection used by credit card skimmers.

Read more

Select your language