ANALYSIS
DATE | NAME | CATEGORY | SUBCATEGORIES | INFO |
8.7.22 | Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine | APT | APT | Following ongoing research, our team, IBM Security X-Force, has uncovered evidence indicating that the Russia-based cybercriminal syndicate “Trickbot group” has been systematically attacking Ukraine since the Russian invasion — an unprecedented shift as the group had not previously targeted Ukraine. |
8.7.22 | THREAT ANALYSIS REPORT: LockBit 2.0 - All Paths Lead to Ransom | Ransomware | Ransomware | In September 2019, a new version of a worm-like ransomware was reported. This ransomware was known as LockBit. Since then, a new variant of LockBit was discovered, dubbed LockBit 2.0. |
07.7.22 | Bitter APT | APT | APT | The SECUINFRA Falcon Team analyzed a recent attack conducted by the South Asian Advanced Persistent Threat group “Bitter”. |
07.7.22 | Hive ransomware gets upgrades in Rust | Ransomware | Ransomware | Hive ransomware is only about one year old, having been first observed in June 2021, but it has grown into one of the most prevalent ransomware payloads in the ransomware-as-a-service (RaaS) ecosystem. |
13.6.22 | Lyceum .NET DNS Backdoor | Hacking | Hacking | Active since 2017, Lyceum group is a state-sponsored Iranian APT group that is known for targeting Middle Eastern organizations in the energy and telecommunication sectors and mostly relying on .NET-based malware. |
5.6.22 | | Hacking | Hacking | A new Traffic Direction System (TDS) we are calling Parrot TDS, using tens of thousands of compromised websites, has emerged in recent months and is reaching users from around the world. The TDS has infected various web servers hosting more than 16,500 websites, ranging from adult content sites, personal websites, university sites, and local government sites. |
5.6.22 | WinDealer | Malware | Malware espionage | An "extremely sophisticated" Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that's delivered by means of man-on-the-side attacks. |
25.5.22 | Beneath the surface: Uncovering the shift in web skimming | Malware | Malware | Microsoft security researchers recently observed that web skimming campaigns now employ various obfuscation techniques to deliver and hide skimming scripts. |
23.5.22 | Fronton: A Botnet for Creation, Command, and Control of Coordinated Inauthentic Behavior | BotNet | BotNet | In March 2020, a hacktivist group called “Digital Revolution” claimed to have hacked a subcontractor to the FSB, the Federal Security Service of the Russian Federation. They claimed the hack occurred in April 2019. |
20.5.22 | XorDdos | Malware | Linux | XorDdos depicts the trend of malware increasingly targeting Linux-based operating systems, which are commonly deployed on cloud infrastructures and Internet of Things (IoT) devices. |
20.5.22 | Group-IB presents its annual ransomware guidebook: winning streak continues, avg ransom grows by 45% | Cyber-Crime | Ransom | Group-IB, one of the global cybersecurity leaders, unveils its second annual guide to the evolution of threat number one, "Ransomware Uncovered 2021/2022". The findings of the second edition of the report indicate that the ransomware empire kept its winning streak going with the average ransom demand growing by 45% to reach $247,000 in 2021. |
20.5.22 | Wizard Spider In-Depth Analysis | Organized Cyber-Crime | Organized Cyber-Crime | This report provides unprecedented visibility into the structure, background, and motivations of Wizard Spider. We’ve obtained command statistics, target country statistics, command execution patterns, and other information on the group’s tactics, techniques, and procedures. |
20.5.22 | Cryware | Cryware | Cryware | In hot pursuit of ‘cryware’: Defending hot wallets from attacks |
20.5.22 | Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself | Ransomware | Ransomware | Microsoft processes 24 trillion signals every 24 hours, and we have blocked billions of attacks in the last year alone. Microsoft Security tracks more than 35 unique ransomware families and 250 unique threat actors across observed nation-state, ransomware, and criminal activities. |