Blog

November 27, 2024

Harnessing AI to Drive Business Outcomes: Insights from the CIO Report

Threat Research, Security Analytics

AI is becoming a cornerstone for innovation and transformation. However, many CIOs are still struggling to effectively leverage AI to drive business outcomes and use cases while trying to understand cyber security risks.

September 19, 2024

Insider Threat Report

Threat Research, Insider Threat

A Look Inside the 2024 Insider Threat Report: Key Takeaways. Cybersecurity Insiders just released their 2024 Insider Threat Report based on a survey conducted with 400+ IT and cybersecurity professionals chronicling the latest trends, challenges and best…

July 25, 2024

Gurucul Threat Research: DisGoMoji Malware

Threat Research

The DisGoMoji malware operates under the control of its creators through the popular messaging platform Discord. To maintain secrecy, the attackers have ingeniously devised a system of using emojis within Discord messages to transmit commands to the malware. The unusual…

June 10, 2024

Lockkey Golang Ransomware

Threat Research

Lockkey is a ransomware variant written in the Go programming language, making it potentially more cross-platform and resilient than ransomware traditionally written in languages like C++. While the specifics of its technical mechanisms are unavailable due to the restricted source,…

May 24, 2024

Leprechaun – A New Malware Loader

Threat Research

Introduction: The Leprechaun malware loader is a nascent threat that has emerged as a potential replacement for the IcedID malware. Leprechaun is a sophisticated malware loader with capabilities that make it a serious threat. In the current landscape, a novel malware…

May 7, 2024

Bellingcat Malware Investigation

Threat Research

Introduction: Bellingcat, known for its investigative journalism, recently became the target of a sophisticated cyber attack. The analysis revolves around an email campaign that aimed to compromise Bellingcat’s systems. Here are the key details: Attack Vector: The attackers used an…

March 23, 2024

Royal Ransomware

Threat Research

Executive Summary: 1. Origins and Activity: The Royal ransomware made its debut in 2022, swiftly establishing itself as a significant menace in the cybersecurity landscape. During its reign, Royal has targeted both U.S. and international organizations, infiltrating their networks with malicious…

March 20, 2024

APT28’s OCEANMAP Backdoor

Threat Research

OCEANMAP: This sophisticated backdoor, attributed to the notorious Russian cyber espionage group APT28 (also known as Sofacy or Fancy Bear), was initially identified by CERT-UA. Let’s break it down. Key Features: On December 28, 2023, CERT-UA reported a cyber attack attributed…

March 7, 2024

BackMyData Ransomware

Threat Research

Starting on February 11, a widespread ransomware attack struck 100 hospitals across Romania. The attackers exploited vulnerabilities in the hospitals’ systems, forcing them to take critical infrastructure offline. Ransomware Type: BackMyData. The malware responsible for this attack belongs to the…

March 1, 2024

GO Stealer Malware Targeting Indian Air Force – Cyber Espionage Campaign

Threat Research

In the ever-evolving landscape of cyber threats, a recent incident caught the attention of security experts and government agencies alike. Unidentified cyber attackers attempted to breach the internal computer systems of the Indian Air Force (IAF), aiming to steal sensitive…

February 22, 2024

TicTacToe Malware Dropper

Threat Research

Malware droppers are malicious software designed to deliver and execute additional malware on a victim system and are employed to obfuscate final payloads during load and initial execution. Droppers within this group employ multiple stages of obfuscated payloads loading reflectively…

February 2, 2024

DarkGate Malware

Threat Research

DarkGate is a complete toolkit that provides attackers with extensive capabilities to fully compromise victim systems. DarkGate is loader/botnet malware that has been around since 2017. Infection Chain: The analysis mentioned in our report is based on the…
