Threat Intelligence

Segway store compromised with Magecart skimmer - Magecart Group 12 is still alive and well in the latest attack against popular brand Segway.
Ransomware targets Edge users - The Magnitude exploit kit is trying to trick users into downloading ransomware disguised as a Microsoft Edge update.
Patchwork APT caught in its own web - The Patchwork APT, an Indian group targeting Pakistan, exposes itself with its own RAT.
Dridex affiliate dresses up as Scrooge - Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns (malspam) we and others have observed appear to have been created by someone who wants to play Scrooge and add onto people’s already heightened state of anxiety. The lures are particularly mean...
SideCopy APT: Connecting lures to victims, payloads to infrastructure - Last week, Facebook announced it had taken action against a Pakistani APT group known as SideCopy. In this blog post we provide additional details about SideCopy that have not been published before.
Malwarebytes CrackMe – contest summary - We announce the results of the 3rd Malwarebytes Crackme!
TrickBot helps Emotet come back from the dead - The infamous Emotet makes yet another comeback despite having been severely dismantled earlier this year.
A multi-stage PowerShell based attack targets Kazakhstan - We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.
Credit card skimmer evades Virtual Machines - After code obfuscation and anti-debugger tricks, we now see virtual machine detection used by credit card skimmers.
