Mars Stealer is an information stealer sold on underground forums by MarsTeam since June 22, 2021, with the malware-as-a-service model. The malware capabilities are those of a classic stealer with a focus on cryptocurrency...
Today, we are adding Sigma Correlations support to the SEKOIA.IO threat detection capabilities! In this post, we discuss what can be done with it, and why it was needed. Limitations of STIX and STIX...
You may not have missed all the noises recently caused by Lapsus$, a group that seems to specialize in extortion without necessarily leveraging ransomware. At first glance, Lapsus$ check marks all elements that would...
A first version of this blogpost was released as a FLINT (Flash Intelligence Report) by SEKOIA.IO Threat & Detection Research Team on February 16, 2022. This is an updated version, in light of the...