EternityTeam: a new prominent threat group on underground forums
This blog post on EternityTeam originally came from a FLINT (SEKOIA.IO Flash Intelligence) report sent to our clients on April 12, 2022. During our monitoring of Dark Web cybercrime...
SEKOIA proudly flies the flag of “Cybersecurity Made In Europe”
The European cybersecurity market is huge, diverse and complex. Browsing popular listings, one can spot several hundred different products on the European market alone. This can make it difficult...
XDR vs Ransomware
Ransomware still ranks first among cyber threats in 2022 for all companies, from SMEs to large groups, and even in the public sector. Yet this threat,...
Mars, a red-hot information stealer
Mars Stealer is an information stealer sold on underground forums by MarsTeam since June 22, 2021, under the malware-as-a-service model. The malware's capabilities are those of a classic stealer...
Improving Threat Detection with Sigma Correlations
Today, we are adding Sigma Correlations support to the SEKOIA.IO threat detection capabilities! In this post, we discuss what can be done with it, and why it was needed....
Lapsus$: when kiddies play in the big league
You may not have missed all the noise recently caused by Lapsus$, a group that seems to specialize in extortion without necessarily leveraging ransomware. At first glance, Lapsus$ check...
A war on multiple fronts – the turbulent cybercrime landscape
Russia’s war in Ukraine is currently widely mirrored in cyberspace, engaging many different parties in an ever-increasing dispute. In this blog post, we will focus on developments in the...
The story of a ransomware builder: from Thanos to Spook and beyond (Part...
In a blog post entitled “The story of a ransomware builder: from Thanos to Spook and beyond (Part 1)”, our colleagues from CERT-SEKOIA described the results of incident response on...
Invasion of Ukraine – what implications in cyberspace?
A first version of this blog post was released as a FLINT (Flash Intelligence Report) by SEKOIA.IO Threat & Detection Research Team on February 16, 2022. This is an updated...
The story of a ransomware builder: from Thanos to Spook and beyond (Part...
Introduction During an onsite incident response analysis, CERT-Sekoia was contacted in order to respond to a Spook ransomware attack. After gathering the evidence, we identified that malicious actors used...