Tag selected: Threat Analysis

Sounding the Pharma Alarma: An overview of the pharmaceutical threat landscape
The whole world is fighting the spread of COVID-19 and working to return to the lives we had before. Pharmaceutical and medical research teams in different countries are busy searching for a solution to win the battle against the virus. However, cybercriminals and threats don’t rest, even in an...
TA505 evolves ServHelper, uses Predator The Thief and Team Viewer Hijacking
Introduction: ServHelper is a backdoor first spotted at the end of 2018 by Proofpoint and linked to TA505. This threat actor is known to have distributed Dridex and Locky in the past, in addition to FlawedAmmyy, FlawedGrace and Get2/SDBBot more recently, amongst others. This blog post will offer some analysis on developments relating to ServHelper, including detail...
Spanish consultancy Everis suffers BitPaymer ransomware attack: a brief analysis
On 4th November 2019 researchers and the media reported a massive ransomware attack against several Spanish companies. Some of this news was exaggerated, as it transpired that just two companies confirmed a security incident. However, each company was attacked by a different threat actor. This blog post will seek to clarify some details concerning the attack against Everis, which was different to...
An analysis of a spam distribution botnet: the inner workings of Onliner Spambot
Table of contents: Introduction; Modular Design; Worker Module; Onliner Custom XOR key generation algorithm; Checker SMTP Module; Mailer Module; Conclusion; IOCs

Introduction: Successful cybercrime campaigns make use of different elements working together to achieve their common goal. In the case of Onliner, the spambot appears to be...
Overview and thoughts about Shamoon3 toolkit
Introduction: On August 15, 2012, a computer attack knocked about 30,000 Windows systems at the Saudi Aramco oil company out of service. The incident had a significant impact on business processes and production at the company, which took weeks to return to normal activity. The malware deployed in...
Blueliv Annual Cyberthreat Report advises increased intelligence sharing and cross-industry collaboration
Malware advances no longer focused on ‘traditional’ enterprise targets as cybercriminals expand their scope. Today we release our Annual Cyberthreat Report, compiling actionable intelligence from Threat Compass with expert insight from our analyst team. We conclude that a higher level of collaboration and intelligence-sharing between industries is ever more crucial...
Cyber Threats keep growing. Blueliv’s Cyber Threat Intelligence Report.
Here are the main conclusions from our analysis of the cyber threats that were apparent on a global level during the second quarter of 2014, compared with the first quarter of the year. The main point is that cyber threats continue to be increasingly more frequent and...