Tag selected: Threat Actors

Rooty Dolphin uses Mekotio to target bank clients in South America and Europe
Key Points: Rooty Dolphin is a threat actor who uses Mekotio to target banks. Mekotio is a banking trojan with Brazilian origins. Rooty Dolphin started targeting South America but moved to Europe some months ago. Introduction: Blueliv Labs has been tracking the activities of different threat actors performing campaigns in Latam and Europe....
Analysis of the Top10 Hacktivist Operations
Key Points: The most relevant hacktivist operations in the last 12 months were: #OpIceIsis, #OpChile, #OpChildSafety, #OpKillingBay and #OpBeast. The operation #OpGeorgeFloyd, born after George Floyd was killed by police in Minneapolis in May 2020, amassed 8535 tweets in just three weeks. Hacktivist attacks generally comprise DDoS attacks, publishing...
Sounding the Pharma Alarma: An overview of the pharmaceutical threat landscape
The whole world is fighting the spread of COVID-19 and working to return to the lives we had before. Pharmaceutical and medical research teams in different countries are busy searching for a solution to win the battle against the virus. However, cybercriminals and threats don’t rest, even in an...
TOP 5 ATT&CK techniques used by Threat Actors tied to Iran
On the 3rd of January 2020, the Iranian Major General Qasem Soleimani was killed in a US drone strike ordered by President Donald Trump at Baghdad International Airport. Since then, popular demonstrations and military responses have been seen coming from Iran. It’s important to remember, however, that wars and...
TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking
Countries targeted by TA505 using ServHelper. Introduction: ServHelper is a backdoor first spotted at the end of 2018 by Proofpoint and linked to TA505. This threat actor is known to have distributed Dridex and Locky in the past, in addition to FlawedAmmyy, FlawedGrace and Get2/SDBBot more recently, amongst others. This blog post will offer some analysis on developments relating to ServHelper, including detail...
Threat Actor activity: a quick recap
In our recent Threat Landscape Report we profiled several active threat actors which have made an impact over the past year. All of the threat actors in this article remain under close observation. Sharing this intelligence is part of our ongoing mission to collaborate with industry peers, enrich the...
Annual Cyberthreat Landscape report shines spotlight on credential theft and expanding Latin America market
Today we launch our Annual Cyberthreat Landscape Report for 2018-19, providing insights into emerging and evolving cybersecurity trends. By sharing intelligence and collaborating with the industry, we are in a much better position to fight cybercrime this year. The report reveals that botnet stolen credentials increased by a staggering fifty...
Sales of AZORult grind to an AZOR-halt
Author of Popular Credential Stealer Announces End of Sales. Key Points: In late December, the author of the AZORult stealer publicly stated that he would be ending sales of the malware. AZORult has been advertised on Russian-language cybercrime forums since at least 2016 and has become fairly popular among...