SEKOIA.IO BLOG - News and analyses about cybersecurity operations and threat intelligence

Read it later Remove

May 17 2022

Blogpost

EternityTeam: a new prominent threat group on underground forums

This blog post on EternityTeam originally came from a FLINT (SEKOIA.IO Flash Intelligence) report sent to our clients on April 12, 2022. During our monitoring of Dark Web cybercrime...Read More

Threat & Detection Research Team Author

195 0

Read it later Remove

April 29 2022

Blogpost

SEKOIA proudly flies the flag of “Cybersecurity Made In Europe”

The European cybersecurity market is huge, diverse and complex. Browsing popular listings, one can spot several hundreds different products on the European market alone. This can make it difficult...Read More

SEKOIA.IO Author

76 0

Read it later Remove

April 22 2022

Blogpost

XDR vs Ransomware

Ransomware are still boasting a first rank among cyber threats in 2022 for all companies from SMEs to large groups, and even in the public sector. Yet this threat,...Read More

SEKOIA.IO Author

193 0

Read it later Remove

April 7 2022

Blogpost

Mars, a red-hot information stealer

Mars Stealer is an information stealer sold on underground forums by MarsTeam since June 22, 2021, with the malware-as-a-service model. The malware capabilities are those of a classic stealer...Read More

Threat & Detection Research Team Author

1300 0

Read it later Remove

March 29 2022

Blogpost

Improving Threat Detection with Sigma Correlations

Today, we are adding Sigma Correlations support to the SEKOIA.IO threat detection capabilities! In this post, we discuss what can be done with it, and why it was needed....Read More

Upscaling Team Author

849 0

Read it later Remove

March 23 2022

Blogpost

Lapsus$: when kiddies play in the big league

You may not have missed all the noises recently caused by Lapsus$, a group that seems to specialize in extortion without necessarily leveraging ransomware. At first glance, Lapsus$ check...Read More

Threat & Detection Research Team Author

319 0

Read it later Remove

March 7 2022

Blogpost

A war on multiple fronts – the turbulent cybercrime landscape

Russia’s war in Ukraine is currently widely mirrored in cyberspace, engaging many different parties in an ever-increasing dispute. In this blog post, we will focus on developments in the...Read More

Threat & Detection Research Team Author

301 0

Read it later Remove

February 25 2022

Blogpost

The story of a ransomware builder: from Thanos to Spook and beyond (Part...

In a blog post entitled “The story of a ransomware builder: from Thanos to Spook and beyond (Part 1)”, our colleagues from CERT-SEKOIA described the results of incident response on...Read More

Threat & Detection Research Team Author

177 0

Read it later Remove

February 24 2022

Blogpost

Invasion of Ukraine – what implications in cyberspace?

A first version of this blogpost was released as a FLINT (Flash Intelligence Report) by SEKOIA.IO Threat & Detection Research Team on February 16, 2022. This is an updated...Read More

Threat & Detection Research Team Author

179 0

Read it later Remove

February 17 2022

Blogpost

The story of a ransomware builder: from Thanos to Spook and beyond (Part...

Introduction During an onsite incident response analysis, CERT-Sekoia was contacted in order to respond to a Spook ransomware attack. After gathering the evidence, we identified that malicious actors used...Read More

CERT-SEKOIA Author

320 0

Log in

Search the site...