SEKOIA.IO BLOG - News and analyses about cybersecurity operations and threat intelligence

Read it later Remove

May 22 2023

Bluenoroff’s RustBucket campaign

In April 2023, fellow security researchers at Jamf published a report on Bluenoroff’s RustBucket, a newly observed malware targeting macOS platform. Sekoia.io analysts further investigated Bluenoroff’s infrastructure and share...Read More

Jamila B., Kilian Seznec, Charles M. and Threat & Detection Research Team - TDR Author

237 0

Read it later Remove

May 17 2023

Research & Threat Intelligence

APT28 leverages multiple phishing techniques to target Ukrainian civil society

The APT28 intrusion set (aka. Sofacy, PawnStorm, Fancy Bear), associated to the Russian GRU was observed using multiple phishing techniques to target the Ukrainian civil society.Read More

Felix Aimé and Threat & Detection Research Team - TDR Author

363 0

Read it later Remove

May 11 2023

Research & Threat Intelligence

Overview of the Russian-speaking infostealer ecosystem: the logs

This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the...Read More

Quentin Bourgue and Threat & Detection Research Team - TDR Author

237 0

Read it later Remove

April 21 2023

Product News & Tutorials

Sekoia.io CTI at a glance

The CTI produced within Sekoia.io provides a comprehensive vision on the global cyber-threats alongside technical indicators of compromise (IOC), revealing the presence of attackers. We are in a “one-to-many”...Read More

Julien De Pins and SEKOIA.IO Author

542 0

Read it later Remove

April 11 2023

Research & Threat Intelligence

Overview of the Russian-speaking infostealer ecosystem: the distribution

This blog post aims at presenting the main techniques, tools and social engineering schemes used by the cybercriminals from the Russian-speaking infostealer ecosystem and observed by Sekoia.io analysts in...Read More

Quentin Bourgue and Threat & Detection Research Team - TDR Author

362 0

Read it later Remove

March 30 2023

Research & Threat Intelligence

SEKOIA.IO analysis of the #VulkanFiles leak

In January 2023, French newspaper Le Monde offered SEKOIA.IO to cooperate on investigating exfiltrated Russian-written documents related to the Moscow-based private company Vulkan.Read More

Felix Aimé, Maxime A. and Threat & Detection Research Team - TDR Author

653 0

Read it later Remove

March 16 2023

Research & Threat Intelligence

Peeking at Reaper’s surveillance operations

In this blogpost you will find the results of a survey conducted by our analysts on two Command and Control servers (C2s) of the North Korea-nexus intrusion set Reaper...Read More

Charles M. Author

699 0

Read it later Remove

February 27 2023

Research & Threat Intelligence

Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...

This blogpost is a technical analysis of Stealc infostealer, detailing different characteristics of the malware, including anti analysis, strings de-obfuscation and C2 communication techniques.Read More

Pierre Le Bourhis, Quentin Bourgue and Threat & Detection Research Team - TDR Author

551 0

Read it later Remove

February 21 2023

Research & Threat Intelligence

One Year After: The Cyber Implications of the Russo-Ukrainian War

As the ongoing Russo-Ukrainian conflict started on 24 February 2022 is about to mark its first year anniversary, SEKOIA.IO analysts share their analysis pertaining to the cyber picture. This...Read More

Livia Tibirna, Maxime A. and Threat & Detection Research Team - TDR Author

1126 0

Read it later Remove

February 20 2023

Research & Threat Intelligence

Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part...

This blogpost aims at presenting the activities of the Stealc’s alleged developer, a technical analysis of the malware and its C2 communications, and how to track it.Read More

Quentin Bourgue, Pierre Le Bourhis and Threat & Detection Research Team - TDR Author

1274 0

Read it later Remove

January 31 2023

Research & Threat Intelligence

SEKOIA.IO Ransomware Threat Landscape – second-half 2022

This blogpost aims at analysing and highlighting trends within the ransomware ecosystem in the second half of 2022Read More

Livia Tibirna and Threat & Detection Research Team - TDR Author

960 0

Read it later Remove

April 13 2023

Product News & Tutorials

Streamline Your Access with Sekoia.io’s New Single Sign-On (SSO) Feature!

Are you tired of remembering multiple usernames and passwords for different applications? Do you want to enhance the security of your business environment while reducing the workload of your...Read More

Mathieu Bellon Author

261 0

Read it later Remove

April 5 2023

Research & Threat Intelligence

The Energy sector 2022 cyber threat landscape

This report is a joint CITALID and SEKOIA.IO analysis pertaining to cyber activities targeting the energy sector in 2022 in Europe. It is based on open sources reports and...Read More

Jamila B., Livia Tibirna and Threat & Detection Research Team - TDR Author

426 0

Read it later Remove

March 10 2023

Product News & Tutorials

How to improve data collection from endpoints? (tutorial 2023)

Because collecting data from endpoints can sometimes be a pain (to say the least), SEKOIA.IO provides its own agent allowing to collect all relevant logs, from your workstations and servers, with a minimal...Read More

SEKOIA.IO Author

411 0

Log in

Search the site...