Tag: Cyberattack

PlugX Malware Detection: Bronze President Crime Ring Uses Post-Exploitation Modular RAT in the Latest Crime Wave

A China-backed crime ring tagged Bronze President launched a campaign targeting government officials in Europe, the Middle East, and South America leveraging PlugX malware – the backdoor popular among Chinese hacker gangs. According to the researchers, the major objective of the threat group is espionage. Detect PlugX Malware SOC Prime delivers Threat Hunting & Cyber […]

What is Ransomware Detection? How to Detect Ransomware

The method of a secure cryptographic key exchange was introduced by Whitfield Diffie and Martin Hellman in 1976. Cool thing about the public and private key pair is that the decryption key cannot be deciphered in any way from an encryption key. This feature is exactly what’s exploited by ransomware actors who encrypt data and […]

Lazarus Group Resurfaces, Exploiting Log4j Vulnerability and Spreading MagicRAT

Lazarus Group, also known as APT38, Dark Seoul, Hidden Cobra, and Zinc, has garnered a reputation as a highly-qualified and well-funded state-sponsored cluster of criminal hackers, wreaking havoc since 2009. In the most recent campaign, Lazarus deployed novel MagicRAT malware after exploiting vulnerabilities in VMware Horizon platforms, such as a high-profile Log4j flaw. The notorious […]

What Is the MITRE ATT&CK® Framework? Getting Started with ATT&CK

MITRE ATT&CK® is a framework for threat-informed cybersecurity defense and public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]

HYPERSCRAPE Detection: Iranian Cyberespionage Group APT35 Uses a Custom Tool to Steal User Data

The malicious campaigns of the Iran-backed APT35 hacking collective, also tracked as Charming Kitten, have been causing a stir in the cyber threat arena in 2022, including the cyber-attacks exploiting Microsoft Exchange ProxyShell vulnerabilities. In late August 2022, cybersecurity researchers revealed the ongoing malicious activity posing a serious threat to Gmail, Yahoo!, and Microsoft Outlook […]

What Is Malware? Malware Types to Watch Out For

Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a user’s system or in any other way hazardous for targeted individuals and enterprises. Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]

What is Malware Analysis?

Lots of children break things not because they are little evil creatures but because they are curious about “how it’s made.” Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world. Malware analysis is the process of studying a malware sample to understand what […]

What is Cyber Threat Hunting? The Ultimate Guide

Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]

Detecting SEABORGIUM Campaigns: A Cyberespionage Group Targeting Governments, Military, and NGOs Across Europe

Cybersecurity experts from Microsoft Threat Intelligence Center (MSTIC) have disrupted the infrastructure of a nefarious APT responsible for long-lasting cyberespionage activities aimed at targets within NATO countries. The group, dubbed SEABORGIUM, launched multiple phishing, data theft, and hack-and-leak campaigns to spy on defense contractors, NGOs, IGOs, think tanks, and educational institutions, allegedly on behalf of russian […]

Threat Hunting Hypothesis Examples: Prepare For a Good Hunt!

A good threat hunting hypothesis is key to identifying weak spots in an organization’s digital infrastructure. Just learn to ask the right questions, and you will get the answers that you’re looking for. In this blog post, we review a proactive threat hunting methodology: Hypothesis-Driven Threat Hunting. Let’s dive right in! Detect & Hunt Explore […]
