Marc

Since the apparition of the #Interlock ransomware, the Sekoia #TDR team observed its operators evolving, improving their toolset (#LummaStealer and #BerserkStealer), and leveraging new techniques such as #ClickFix to deploy the ransomware payload.

blog.sekoia.io/interlock-ra...

RATatouille: Cooking Up Chaos in the I2P Kitchen Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.

New paper⤵️

blog.sekoia.io/ratatouille-...

Sr Technical Threat Researcher - Sekoia.io - CDI - Télétravail total Sekoia.io recrute un(e) Sr Technical Threat Researcher !

🚨To strengthen the #investigation and #detection capabilities of the Sekoia.io Threat Detection & Research (TDR) team, we are looking for a Senior Technical Threat Researcher!

www.welcometothejungle.com/fr/companies...

#CTI #DetectionEngineering

Suite PlugX: 4200 ordinateurs américains désinfectés grâce à l'entreprise Sekoia et la justice française, annonce le FBI. www.justice.gov/usao-edpa/pr...

Smart move !

Ransomware-driven data exfiltration: techniques and implications Introduction This report focuses on the exfiltration techniques leveraged by ransomware and extortion groups in lucrative campaigns. It aims to provide a comprehensive analysis of the techniques and…

🎯 Ransomware-driven data #exfiltration: techniques and implications

Our new #TDR report focuses on the exfiltration techniques leveraged by #ransomware and #extortion groups.

https://buff.ly/415o0ry

#ThreatIntelligence #Detection

Helldown Ransomware: an overview of this emerging threat Comprehensive Analysis of Helldown: Tactics, Techniques, and Procedures (TTPs) and Exploitation of Zyxel Vulnerabilities %

New Helldown ransomware targets Windows and Linux systems, uses Zyxel firewall exploits for initial access

blog.sekoia.io/helldown-ran...

Unmasking the latest trends of the Financial Cyber Threat Landscape This report aims at depicting recent trends in cyber threats impacting the financial sector worldwide. It focuses on principal tactics, techniques and procedures used by lucrative and state-sponsored ...

🏦 Our latest report provides insights on the cyber threats impacting the #financial sector in 2023. We analysed the trends in lucrative and state-sponsored ecosystems and outlined the most notable evolutions. For more details, check out our blog post: blog.sekoia.io/unmasking-th...

#DarkGate gained popularity among threat actors (e.g: #TA577, #DuckTail), our #RE analysis details the internals of the malware, how it implements technique to evade defenses: Union-API, token theft via UpdateProcThreadAttribute, APC injection.

blog.sekoia.io/darkgate-int...

Game Over: gaming community at risk with information stealers This report was originally published for our customers on 26 October 2023. The world of online gaming, a thriving global community of millions, has become an enticing target for malicious actors seeki...

🎮 We analyzed an ongoing campaign targeting online gamers. Multiple malware families are delivered through fake video game websites such as #Epsilon, #Doenerium, #BByStealer, and #NovaSentinel.

blog.sekoia.io/game-over-ga...

#CTI #infostealer