Tag: Furkan Celik

SOC Prime Threat Bounty — August 2022 Results

August ‘22 Publications In August, 151 Sigma rules submitted by Threat Bounty Program members passed the SOC Prime acceptance validation and were released on the SOC Prime Platform. Totally, 313 rules were declined during the review’s first iteration for different reasons, including content quality, the detection value of the suggested code, full of partial duplication […]

Read More
GoodWill Ransomware
GoodWill Ransomware Detection: New Malware Forces Its Victims to Pay Back to Society

A rather peculiar type of malware has recently hit the headlines. The new strain is dubbed GoodWill ransomware, and its novelty lies in the nature of the demands that victims have to fulfill to get the decryption key. The ransomware operators, claiming that they are “hungry for kindness”, expect their targets to support those in […]

Read More
Grandoreiro Banking Malware
Grandoreiro Banking Malware Detection

Banking malware has been a true-and-tried cash cow for adversaries for a long time now. One of such efficient tools in malware distribution campaigns that target the banking sector is a remote-overlay banking trojan Grandoreiro. The trojan was first detected in 2016 (yet, some researchers claim the malware first surfaced in 2017), being used against […]

Read More
PowerShell RAT
PowerShell RAT Detection: Bespoke Malware Used to Fish for War-Related Intelligence

Germany-located users are falling victim to a new malware campaign designed to spread a custom-built PowerShell remote access trojan (RAT). Adversaries set up a decoy site to trick people into taking the bait in a phony newsflash that claims to offer previously unpublished information regarding the situation in Ukraine. Victims are urged to download a […]

Read More
Detect Borat Remote Access Malware

A new tricky remote access tool dubbed Borat RAT was found by cybersecurity researchers. Just like the name suggests, it is a crazy mix of things that is hard to wrap your head around. Borat Trojan is a collection of malware modules coming with a builder and server certificate which includes more than 10 malicious […]

Read More
Interview with Threat Bounty Developer: Furkan Celik

Our Threat Bounty community keeps growing and attracting more and more distinguished specialists in detection content development. This time, we want to introduce to you Furkan Celik – a senior security analyst in banking and one of our active contributors. Furkan has been with us since December 2019. He wrote precise detections that help to […]

Read More