
Infection chains used by commodity malware are constantly evolving and use various tricks to bypass security measures and/or user awareness. BumbleBee, QNAPWorm, IcedID and Qakbot are all often used as first-stage malicious code, allowing...

This report aims at depicting recent trends in cyber threats impacting the financial sector worldwide. It focuses on principal tactics, techniques and procedures used by lucrative and state-sponsored intrusion sets by providing an analysis...

Introduction & Objectives: DarkGate is sold as Malware-as-a-Service (MaaS) on various cybercrime forums by the RastaFarEye persona. In the past months, it has been used by multiple threat actors such as TA577 and Ducktail. DarkGate...


This report was originally published for our customers on 26 October 2023. The world of online gaming, a thriving global community of millions, has become an enticing target for malicious actors seeking to exploit...


Given the recent events involving the Palestinian politico-military organisation Hamas, which conducted a military and terrorist operation in Israel on 7 October 2023, Sekoia.io took a deeper look into AridViper, an intrusion set suspected...


ClearFake is a new malicious JavaScript framework deployed on compromised websites to deliver further malware using the drive-by download technique. This blog post aims at presenting a technical analysis of the ClearFake installation flow, the...


Sekoia.io is actively monitoring hundreds of malicious infrastructure clusters to protect its customers. In light of the recent Citizen Lab blog post and in solidarity with the efforts against cyber mercenaries, we have chosen to shed...

This blog post aims at presenting an overview of the ransomware-related threat evolution in the first half of 2023. The observations and the analysis shared in this blog post focus on ransomware operations mostly...


This report aims at contextualising cyber activities targeting the transportation sector worldwide over the 2022 - 2023 period. This report is based on open source reporting and Sekoia.io observations of campaigns mostly impacting the...


This report is an overview of recent malicious cyber activities associated with China-nexus intrusion sets. It is based on open-source documents and Sekoia.io TDR analysts' research and does not intend to present an exhaustive...
