
In January 2023, the French newspaper Le Monde invited SEKOIA.IO to cooperate on investigating exfiltrated documents, written in Russian, related to the Moscow-based private company Vulkan.


In this blogpost you will find the results of a survey conducted by our analysts on two Command and Control servers (C2s) of the North Korea-nexus intrusion set Reaper (aka APT37). This investigation led...


Because collecting data from endpoints can sometimes be a pain (to say the least), SEKOIA.IO provides its own agent, which collects all relevant logs from your workstations and servers with minimal configuration overhead. It is currently...


This blogpost is a technical analysis of the Stealc infostealer, detailing different characteristics of the malware, including anti-analysis, string de-obfuscation and C2 communication techniques.


As the ongoing Russo-Ukrainian conflict, which started on 24 February 2022, is about to mark its first anniversary, SEKOIA.IO analysts share their analysis pertaining to the cyber picture. This report does not list all...


This blogpost aims at presenting the activities of Stealc's alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.


This blogpost aims at analysing and highlighting trends within the ransomware ecosystem in the second half of 2022.


Throughout 2022, SEKOIA.IO's Threat & Detection Research (TDR) team continued to proactively track and monitor the Command & Control (C2) infrastructures set up and used by cybercriminal or state-sponsored intrusion sets to carry...


In this article, SEKOIA.IO analysts demonstrate that Raspberry Robin, like many botnets and worms, can be repurposed by other threat actors to deploy their own implants.


This blogpost aims at presenting the current infection chain, payloads and the whole infrastructure used to distribute infostealers.
