LuckyMouse uses a backdoored Electron app to target MacOS
This blog post on LuckyMouse is an extract of the “FLINT 2022-045 – LuckyMouse uses a backdoored Electron app to target MacOS” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year...Read More
Ongoing Roaming Mantis smishing campaign targeting France
This blog post on Roaming Mantis group is an extract of the “FLINT 2022-037 – Ongoing Roaming Mantis smishing campaign targeting France” report (SEKOIA.IO Flash Intelligence) sent to our clients...Read More
Vice Society: a discreet but steady double extortion ransomware group
This blog post on Vice Society ransomware group was originally published as a FLINT report (SEKOIA.IO Flash Intelligence) sent to our clients on June 29, 2022. What is Vice Society?...Read More
Raccoon Stealer v2 – Part 2: In-depth analysis
Introduction Raccoon is an information-stealing malware the likes of cryptocurrency wallet stealers such as AgentTesla, Formbook, Redline, and Vidar. In March 2022, Raccoon Team announced their temporary retirement due...Read More
Raccoon Stealer v2 – Part 1: The return of the dead
Raccoon Stealer was one of the most prolific information stealers in 2021, being used by multiple cybercriminal actors. Due to its wide stealing capabilities, the customizability of the malware...Read More
CALISTO continues its credential harvesting campaign
This blog post on CALISTO threat actor is an extract of a FLINT report (SEKOIA.IO Flash Intelligence) sent to our clients on June 16, 2022. March 30, 2022, Google TAG...Read More
BumbleBee: a new trendy loader for Initial Access Brokers
This blog post on BumbleBee malware was originally published as a FLINT report (SEKOIA.IO Flash Intelligence) sent to our clients on June 02, 2022. BumbleBee is a new malicious loader, first...Read More
Threat Intelligence is not (only) on a spectrum
Threats are diverse. So is Threat Intelligence When it comes to information on the cyber-battlefield, what is called Cyber Threat Intelligence (CTI) can vary widely, between the raw streaming...Read More
MSDT abused to achieve RCE on Microsoft Office
This blog post on this Microsoft zero-day vulnerability was originally published as a FLINT report (SEKOIA.IO Flash Intelligence) sent to our clients on May 31, 2022. On May 27th a...Read More