Back to Blog

Tag: Cyberattack

Detecting QakBot Malware Campaign Leading to Black Basta Ransomware Infections 3 min read CVEs Detecting QakBot Malware Campaign Leading to Black Basta Ransomware Infections by Daryna Olyniychuk Earth Preta aka Mustang Panda Attack Detection: Abused Fake Google Accounts in Spear-Phishing Campaigns Targeting Governments Worldwide  4 min read CVEs Earth Preta aka Mustang Panda Attack Detection: Abused Fake Google Accounts in Spear-Phishing Campaigns Targeting Governments Worldwide  by Veronika Zahorulko Somnia Malware Detection: UAC-0118 aka FRwL Launches Cyber Attacks Against Organizations in Ukraine Using Enhanced Malware Strains 4 min read CVEs Somnia Malware Detection: UAC-0118 aka FRwL Launches Cyber Attacks Against Organizations in Ukraine Using Enhanced Malware Strains by Veronika Zahorulko Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine 3 min read CVEs Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine by Veronika Zahorulko PURPLEURCHIN Campaign Detection: A New Crypto Mining Operation Massively Abuses GitHub Actions and Other Popular Free CI/CD Service Accounts   3 min read CVEs PURPLEURCHIN Campaign Detection: A New Crypto Mining Operation Massively Abuses GitHub Actions and Other Popular Free CI/CD Service Accounts   by Veronika Zahorulko RomCom Backdoor Detection: Cyber Attack on Ukrainian State Bodies Attributed to Cuba Ransomware Operators aka Tropical Scorpius (UNC2596) Group 4 min read CVEs RomCom Backdoor Detection: Cyber Attack on Ukrainian State Bodies Attributed to Cuba Ransomware Operators aka Tropical Scorpius (UNC2596) Group by Veronika Zahorulko On Demand Subscription: Drive Immediate Value From SOC Prime Platform 4 min read SOC Prime Platform On Demand Subscription: Drive Immediate Value From SOC Prime Platform by Veronika Zahorulko BlackByte Ransomware Detection: Threat Actors Exploit CVE-2019-16098 Vulnerability in RTCore64.sys Driver to Bypass EDR Protection 3 min read CVEs BlackByte Ransomware Detection: Threat Actors Exploit CVE-2019-16098 Vulnerability in RTCore64.sys Driver to Bypass EDR Protection by Veronika Zahorulko ProxyNotShell: Detecting CVE-2022-41040 and CVE-2022-41082, Novel Microsoft Exchange Zero-Day Vulnerabilities Actively Exploited in the Wild 3 min read CVEs ProxyNotShell: Detecting CVE-2022-41040 and CVE-2022-41082, Novel Microsoft Exchange Zero-Day Vulnerabilities Actively Exploited in the Wild by Veronika Zahorulko Top Challenges for MSSPs and MDRs and How to Overcome Them 8 min read SIEM & EDR Top Challenges for MSSPs and MDRs and How to Overcome Them by Oleksandra Rumiantseva