BlackByte Ransomware
OVERVIEW The BlackByte Ransomware variant was first publicly recognized in July of 2021, spawned by a threat group by the same moniker. The variant is
OVERVIEW The WhisperGate malware variant was first identified by the MSTIC (Microsoft Threat Intelligence Center) on January 13, 2022 and has been attributed to the nation-state
OVERVIEW The SysJoker Backdoor is believed to have been active since the end of 2021, first discovered by Intezer researchers and believed to be attributed
Log4Shell Threat Update – 2 Jan 2022 Cyborg Security has published an additional three Hunt Packages related to CVE-2021-44228 (Log4Shell), with the intent to provide
InstallerFileTakeover (CVE-2021-41379) is a local privilege escalation vulnerability in Windows systems, which enables an attacker to elevate privileges on fully patched Windows 10, 11, and
OVERVIEW TrickBot (TrickLoader, Trickster, TheTrick, Totbrick, TSPY_TRICKLOAD, TrickBot) is a semi-modular, pervasive banking trojan which has been observed since mid-2016. The malware appears to
THREAT DESCRIPTION – Windows Discovery and Execution Processes When malware or an adversary compromises a system, they often employ excessive Windows discovery and execution processes,
OVERVIEW Emotet is a pervasive and modular credential theft trojan which has historically been leveraged by threat actors in order to collect usernames and passwords
THREAT DESCRIPTION – MALDOC Maldoc (Malicious Documents) are documents containing self-executing code or code that requires a user to grant permission or interact with the
DeadRinger Summary The DeadRinger operation was comprised of three campaigns led by different threat groups linked to China, targeting major Telecommunications Companies in Southeast Asia.