Syndicated Blog

EclecticIQ Blog
Latest on Vulnerability Trends, STIX / TAXII, Beyond the IOC, Ransomware Snapshots, and Threat Analyst enablement
FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware

According to the Symantec Threat Hunter Team, the financially motivated threat actor known as FIN8 has been observed using ...
8Base Ransomware Surge; SmugX Targeting European Governments; Russian-Linked DDoS Warning

Surge in 8Base Ransomware Operations Raises Questions of Connections to Phobos and RansomHouse

In June 2023, activity related to 8Base ransomware operations increased significantly, although the exact reason for this surge ...
Trends and Predictions of Growing Cryptocurrency Cyberattacks

Cryptocurrencies will almost certainly continue adoption and further adaptation despite the large 2022 downturn. Growth of the ecosystem and changes underway in 2023 carry important implications for cyberattack risk to both end ...
Creative Ransomware Extortion; Further Malware Capabilities With ChatGPT

The BlackCat-Western Digital Ransomware Cyberattack Serves a Good Example of How Extortion Techniques Will Change Risk and Impact for Targeted Victims

Threat actors were able to tap into webcams of employees at ...
3CX Incident Attributed to North Korea; New LockBit macOS Sample

Mandiant Attributes 3CX Supply Chain Attack to North Korean Activity Cluster

On April 11, 2023, 3CX reported that Mandiant - who investigated the supply chain attack using a digitally signed 3CXDesktopApp installer ...
Exposed Web Panel Reveals Gamaredon Group's Automated Spear Phishing Campaigns

Executive Summary

On February 09, 2023, EclecticIQ analysts identified a spear phishing campaign targeting Ukrainian government entities like the Foreign Intelligence Service of Ukraine (SZRU) and Security Service of Ukraine (SSU). Analysts ...
Achieving Operational Excellence in a Cybersecurity Program

As cybersecurity threats continue to grow in complexity and frequency, achieving operational excellence in threat detection and response is more important than ever. However, SOCs (Security Operation Centers) often face a variety ...
Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response

File Integrity Monitoring (FIM) is a security control that helps organizations ensure the integrity of their files and systems by monitoring changes to files and directories. FIM is an important security control ...
Dark Pink APT Group Strikes Government Entities in South Asian Countries

Executive Summary

In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malware samples that are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. The latest attacks, which ...
DeFi Hack Recovers Stolen Funds; BlackLotus Bypasses Windows Secure Boot

Tactics, Techniques, and Procedures Executed in Collaboration Between Jump Crypto and Oasis Networks to Hack Their Own Protocol

The series of tactics, techniques, and procedures involved relies on the fact that a threat actor ...