Blog

March 7, 2024

BackMyData Ransomware

Threat Research

Starting on February 11, a widespread ransomware attack struck 100 hospitals across Romania. The attackers exploited vulnerabilities in the hospitals’ systems, forcing them to take critical infrastructure offline. Ransomware Type: BackMyData. The malware responsible for this attack belongs to the…


March 1, 2024

GO Stealer Malware Targeting Indian Air Force – Cyber Espionage Campaign

Threat Research

In the ever-evolving landscape of cyber threats, a recent incident caught the attention of security experts and government agencies alike. Unidentified cyber attackers attempted to breach the internal computer systems of the Indian Air Force (IAF), aiming to steal sensitive…


February 22, 2024

TicTacToe Malware Dropper

Threat Research

Malware droppers are malicious software designed to deliver and execute additional malware on a victim system and are employed to obfuscate final payloads during load and initial execution. Droppers within this group employ multiple stages of obfuscated payloads loading reflectively…


February 2, 2024

DarkGate Malware

Threat Research

DarkGate is a complete toolkit that provides attackers with extensive capabilities to fully compromise victim systems. DarkGate is loader/botnet malware that has been in circulation since 2017. Infection Chain: The analysis mentioned in our report is based on the…


January 24, 2024

Gurucul Threat Research: Androxgh0st Malware

Threat Research

AndroxGh0st is an “SMTP cracker” which is primarily intended to scan for and parse Laravel application secrets from exposed .env files. (Note: Laravel is an open source PHP framework and the Laravel .env file is often targeted for…


December 12, 2023

Zero Trust Matures, Insider Threat Programs Take Off, and AI Doesn’t Change Things as Much as You’d Think Just Yet: Gurucul’s 2024 Cybersecurity Predictions

Threat Research SOC Security Analytics

At Gurucul, we’re experts in security analytics, machine learning/AI, and applied data science with many decades of combined experience in cybersecurity, working to enable Security Operations Center people, processes and tools. We’re always trying to stay on the…


September 11, 2023

Detecting Insider Threats: The Critical Role of Predictive Security Analytics

Threat Research Security Analytics

Discover the role of predictive analytics in detecting insider threats. Learn how advanced metrics transform cybersecurity and mitigate risks.


April 11, 2022

Lapsus$ Group Exposes Internal Threats Are Also External Threats

Threat Research

The Lapsus$ Group are publicly recruiting employees of their targets to assist them in gaining access to internal networks.


September 27, 2021

Best Practices for Implementing an Insider Threat Program

Threat Research Insider Threat

Detecting and mitigating the insider risk requires a specialized technology platform and a set of Insider Threat Program best practices.

