Command & Control infrastructures tracked by SEKOIA.IO in 2022
Throughout 2022, SEKOIA.IO's Threat & Detection Research (TDR) team continued to proactively track and monitor the Command & Control (C2) infrastructures set up and used by cybercriminal or state...Read More
Raspberry Robin’s botnet second life
As many botnets and worms, SEKOIA.IO analysts demonstrate through this article that Raspberry Robin can be repurposed by other threat actors to deploy their own implants.Read More
Unveiling of a large resilient infrastructure distributing information stealers
This blogpost aims at presenting the current infection chain, payloads and the whole infrastructure used to distribute infostealersRead More
New RisePro Stealer distributed by the prominent PrivateLoader
This article aims at presenting SEKOIA.IO RisePro information stealer analysis.Read More
The DPRK delicate sound of cyber
This blogpost aims at contextualising and analysing trends pertaining to cyber malicious activities associated to the Democratic People’s Republic of Korea-nexus Intrusion Sets reported in open sources in 2022.Read More
Calisto show interests into entities involved in Ukraine war support
Calisto (aka Callisto, COLDRIVER) is suspected to be a Russian-nexus intrusion set active since at least April 2017. Although it was not publicly attributed to any Russian intelligence service,...Read More
Lucky Mouse: Incident Response to Detection Engineering
This blogpost discusses how the Tactics, Techniques and Procedures (TTPs) used by the APT27 (Lucky Mouse) intrusion set in the last incident reported by Intrinsec, a SEKOIA.IO Managed Security...Read More
Aurora: a rising stealer flying under the radar
SEKOIA.IO analysed Aurora in depth and share the results of our investigation in this article.Read More
BlueFox Stealer: a newcomer designed for traffers teams
This blog post on BlueFox Stealer is an extract of the “FLINT 2022-053 – BlueFox Stealer: a newcomer designed for traffers teams” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
XDR detection engineering at scale: crafting detection rules for SecOps efficiency
In this blogpost we present SEKOIA.IO’s process to create detection rules, which first requires explaining our detection workflow as well as understanding SEKOIA.IO XDR history and specificities.Read More