Year: 2019

Crafty ZIP Archives Used to Deliver NanoCore RAT

Delaware, USA – November 7, 2019 – Adversaries have found another way to bypass secure email gateways and antimalware solutions using specially crafted ZIP archives. Researchers from Trustwave spotted an interesting spam campaign spreading NanoCore RAT, and an analysis of the attached file revealed a new method for hiding malicious files in archives, which, however, […]

Newly Discovered DarkUniverse APT Linked to ItaDuke Operations

Delaware, USA – November 6, 2019 – The Lost in Translation leak released by Shadow Brokers continues to surprise and reveal information about previously unknown APT groups. Among the published tools there was also a script that checked systems attacked by the Equation Group for the presence of malware developed by other threat actors. The signature […]

BitPaymer Ransomware Encrypts Systems in Spanish Companies

Delaware, USA – November 5, 2019 – Ransomware operators continue to attack organizations in European countries. Three weeks after the attack on Pilz, a German automation technology company, adversaries turned their attention to Spain and encrypted systems in two companies. More information is currently known about the attack on Everis, one of the largest managed […]

First Cyberattacks Using BlueKeep Exploit

Delaware, USA – November 4, 2019 – Security researchers have for the first time discovered exploitation of the BlueKeep vulnerability for malicious purposes. So far, not particularly skilled cybercriminals are using the exploit published several months ago by the Metasploit team to infect unpatched Windows systems with Monero cryptocurrency miners. The campaign began in the second half of October […]

Spidey Bot Transmutes Windows Discord Client Into Backdoor

Delaware, USA – October 24, 2019 – The new malware is supposedly spreading through Discord, and simply removing the malicious file is not enough to clean the system. Spidey Bot was discovered by MalwareHunterTeam; the malware modifies the Windows Discord client, transmuting it into an infostealer with backdoor capabilities. This is possible because the Discord […]

Pilz Hit by BitPaymer Ransomware

Delaware, USA – October 23, 2019 – The German automation technology company fell victim to a massive ransomware attack; computer systems in all locations of Pilz across the globe were affected. The attack occurred on Sunday, October 13, and the company will take a long time to recover from its devastating consequences. Almost a week was needed […]

SOC Prime is Attending Hack.lu 2019

Delaware, USA – October 21, 2019 – The SOC Prime team is heading to Luxembourg, where the 15th edition of the Hack.lu conference will be held on October 22-24, 2019. Hack.lu is an open convention/conference where technical and non-technical people can discuss the implications of new technologies and the latest cybersecurity trends. The event's agenda includes workshops, practical […]

Silent Operation of APT29 Lasts for Years

Delaware, USA – October 18, 2019 – The campaign of the Russian APT group began in 2013 and remained undetected until recently. Researchers from ESET named it Operation Ghost; its targets were the US embassy of a European Union country, as well as ministries of foreign affairs in several European countries. In addition to the well-known […]

PortReuse Malware Discovered in Recent Winnti Campaign

Delaware, USA – October 16, 2019 – The Chinese cyber espionage group Winnti used a new Windows backdoor in an attack on a major mobile hardware and software manufacturer based in Asia. The ESET team discovered the PortReuse malware during an investigation of supply-chain attacks conducted by the group. The researchers found that the attackers used the same […]

Interview with Developer: Nate Guagenti

Meet Nate Guagenti. For over a decade, Nate has both deployed and engineered network and endpoint SIEMs that have scaled to multiple TB/day of ingest, while simultaneously using and training others on the deployed solution. As Nate has worked in all facets of IT, he adds the unique experience of someone who has performed both endpoint and network […]
