Command & Control infrastructures tracked by SEKOIA.IO in 2022
Throughout 2022, SEKOIA.IO's Threat & Detection Research (TDR) team continued to proactively track and monitor the Command & Control (C2) infrastructures set up and used by cybercriminal or state...
The DPRK delicate sound of cyber
This blog post aims to contextualise and analyse trends in malicious cyber activities associated with the Democratic People’s Republic of Korea-nexus intrusion sets reported in open sources in 2022.
How to use SEKOIA.IO indicators in Microsoft Sentinel?
Since May 2022, SEKOIA.IO indicators can be integrated into Microsoft Sentinel. In this blogpost, we will cover how to take advantage of this integration and extend it using a...
Calisto show interests into entities involved in Ukraine war support
Calisto (aka Callisto, COLDRIVER) is suspected to be a Russian-nexus intrusion set active since at least April 2017. Although it was not publicly attributed to any Russian intelligence service,...
Aurora: a rising stealer flying under the radar
SEKOIA.IO analysed Aurora in depth and shares the results of the investigation in this article.
BlueFox Stealer: a newcomer designed for traffers teams
This blog post on BlueFox Stealer is an extract of the “FLINT 2022-053 – BlueFox Stealer: a newcomer designed for traffers teams” report (SEKOIA.IO Flash Intelligence) sent to our clients...
PrivateLoader: the loader of the prevalent ruzki PPI service
SEKOIA analysts tracked PrivateLoader’s network infrastructure for several months and recently conducted an in-depth analysis of the malware. In parallel, we also monitored activities related to the ruzki PPI...
Traffers: a deep dive into the information stealer ecosystem
Traffers are threat actors playing a key role in the augmentation of the threat surface, and more generally in non-legitimate traffic generation. SEKOIA observed hundreds of advertisements aiming at...
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points:
Ongoing Roaming Mantis smishing campaign targeting France
This blog post on the Roaming Mantis group is an extract of the “FLINT 2022-037 – Ongoing Roaming Mantis smishing campaign targeting France” report (SEKOIA.IO Flash Intelligence) sent to our clients...