3 Aug 2022 at 8:00am
Politically-motivated cyberattacks dominated the DDoS landscape in the second quarter of 2022 just as they did in Q1. Also, we saw the continuation of a trend that began in spring: an increase in superlong attacks.
28 Jul 2022 at 12:00pm
28 Jul 2022 at 10:00am
This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.
25 Jul 2022 at 10:00am
In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor.
20 Jul 2022 at 8:00am
This report discusses new ransomware that targets Windows, Linux and ESXi systems: Luna, written in Rust, and Black Basta.
11 Jul 2022 at 8:00am
Text-based fraud (419 scams, vishing, extortion, etc.) is still alive and well. Here, we describe cybercriminal techniques and present statistics.
6 Jul 2022 at 10:00am
We decided to discuss less obvious tools for working with firmware, including Renode and Qiling. Each of those tools has its own features, advantages, and limitations that make it effective for certain types of task.
30 Jun 2022 at 8:00am
In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.
23 Jun 2022 at 10:00am
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.
21 Jun 2022 at 10:00am
ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call "Samurai backdoor" and "Ninja Trojan".