Threat Intelligence Advisories

    Real-time access to research-based visibility into cyber threats

    March 2025

    UAC-0006 - Financially Motivated Threat Actor Leveraging System Binaries

    25 March 2025

    Flash Advisory – Oracle Cloud Supply Chain Attack

    25 March 2025

    Dark Caracal – Weaponizing Poco RAT and Bandook for Covert Operations

    18 March 2025

    FatalRAT - Leveraging Chinese Cloud Services to Target APAC Industries

    11 March 2025

    APT43: North Korea’s Evolving Digital Threat

    04 March 2025


    February 2025

    XWorm Malware: Leveraging Xlogger for Enhanced Keylogging

    25 February 2025

    FICORA – Exploiting D-Link Router Vulnerabilities

    18 February 2025

    RedDelta – Advanced Cyber Espionage Using PlugX

    11 February 2025

    Lynx Ransomware – A Double Extortion Menace

    04 February 2025

    January 2025

    Lumma Stealer – Social Engineering Info Stealer

    28 January 2025

    Akira Ransomware – Targeting Global Enterprises

    21 January 2025

    Cloud Atlas – The Emergence of VBCloud Malware

    14 January 2025

    December 2024

    DragonRank Group - Disrupting IIS Servers and SEO Integrity

    23 December 2024

    Medusa Ransomware – Global Cyber Threat Exploiting Vulnerabilities

    17 December 2024

    SnipBot Malware – A New RomCom Malware Variant

    10 December 2024

    BianLian Ransomware: Shifting Tactics from Encryption to Data Extortion

    03 December 2024

    November 2024

    RansomHub Ransomware: The RaaS Powerhouse Wreaking Havoc

    26 November 2024

    FOG Ransomware: The Silent Storm of Cybercrime

    19 November 2024

    Evasive Panda - Unmasking China’s Geopolitical Cyber Spy

    12 November 2024

    TA866 - Multi-Malware Menace

    05 November 2024
     

    October 2024

    BlackCat Ransomware: Unleashing the Nitrogen Threat

    29 October 2024

    Kryptina Ransomware – Resurfaces with Mallox Variant Targeting Enterprises

    22 October 2024

    UNC1860 - A Deep Dive into Their Custom-Built Arsenal

    15 October 2024

    BunnyLoader 3.0 – Digging into Digital Havoc

    08 October 2024

    Sharp Dragon – Setting Ablaze Government Organizations

    01 October 2024

    September 2024

    Unit 29155 - GRU’s Shadows in Cyber Espionage

    Cyber Threat Intelligence Advisory

    KPMG Cyber Threat Intelligence Advisory - weekly update by KPMG in India

    BlackSuit Ransomware - Rebranded Threat Targeting Enterprises Worldwide

    PEAKLIGHT - Advanced Memory-Only Malware Targeting Windows

    Noodle RAT - The Cross-Platform Menace

    August 2024

    NJRAT - A Persistent Threat Affecting Critical Industries

    ExCobalt Cyber Gang - Russian Entities Hit by GoRed Backdoor

    SideWinder Group - Targeting Maritime Facilities Through Phishing Exploits

    Andariel Group - North Korea's Advanced Cyber Warfare Tactics

    Ransomware Hits C-EDGE - Payment Services Affected

    July 2024

    DISGOMOJI - Evolving Techniques of Emoji Malware

    CrowdStrike Global Windows Outage : An Update on the State of Affairs

    CrowdStrike Causing Global Windows Outage

    ChamelGang – The Shape-Shifting Cyber Menace

    Void Arachne - Infiltrating Chinese Users with Winos 4.0

    Sticky Werewolf – Expanding threats in the Aviation Sector

    June 2024

    ValleyRAT - Returns with Enhanced Capabilities

    Grandoreiro Trojan – Unveiling the Banking Sector's Nemesis

    Chalubo Malware – Exploiting Routers Across the Globe

    Unfading Sea Haze – Maneuvers Across the South China Sea

    May 2024

    Cuttlefish Malware – Exploiting Routers and Sniffing Cloud Credentials

    CR4T Malware - Targeting Government Entities in the Middle East

    Goldoon Botnet – Exploiting Vulnerabilities in D-Link Devices

    TimbreStealer - Mexico’s Cyber Users Under Threat

    April 2024

    Raspberry Robin – Resurged with Advanced Evasion Tactics

    StrelaStealer – Back with Revamped Tactics

    CoralRaider - Pilfering Financial Data Across Asia

    8220 Gang - Unleashing Crypto Chaos on Windows and Linux

    Smokeloader Malware - Targeting Ukrainian Institutions

    March 2024

    RedCurl - Exploiting Mail Transfer Service and PCA

    UNC1549 - Iran's Cyber Intrusion into Aerospace and Defense

    Phobos Ransomware - A Threat to Critical Infrastructure

    Water Hydra APT - Infiltrating the Financial Sector

    February 2024

    APT28 - Unveiling Russia's GRU Cyber Tactics

    NS Stealer : Leveraging Discord for Data Exfiltration

    Zloader - Targeting Windows Users with Revamped Tactics

    Remcos RAT - A Deceptive Remote Access Threat

    January 2024

    SugarGh0st Malware – Twin Infection Chains Revealed

    Pikabot Malware – The Multilayer Trojan Spreading Through Malspam

    Alphv/BlackCat – A Formidable Cross Platform Adversary

    December 2023

    PicassoLoader Malware – Concealed Threats In Image Files

    BundleBot Malware - Comes Prepared With Its Own .NET Bundle

    Knight Ransomware – Menacing Cross-Platforms Threat

    November 2023

    Ducktail - Malware That Preys on Business Social Media Accounts

    Exela Stealer – Rise of Open-source Info-Stealers

    SideCopy APT - Targeting Indian Defense Organizations

    Quasar APT – Leveraging DLL Sideloading

    October 2023

    Gelsemium APT - Deceptive Web Shells Unveiled

    ToddyCat - Redefining Modern Espionage

    Gold Melody – Exploiting Vulnerabilities in Unpatched Servers

    TAG-74 – Strengthening Capabilities with Bisonal Backdoor

    Snatch Ransomware - Exploiting Safe Mode for Stealthy Intrusion

    September 2023

    Rhysida Ransomware - Infecting Healthcare Organizations

    Earth Estries : A Cyber Espionage Revelation

    Chaes Malware - Siphoning Data through Chrome DevTools

    Scarab Ransomware – Unravelling CosmicBeetle’s Cyber Threat

    August 2023

    Raccoon Stealer Malware V2 - Resurging as a Stealthier Threat

    NodeStealer – Targeting your Digital Presence

    Akira Ransomware – Wrecking Damage in Retro-Style

    Realst Infostealer – New Rust-Based Malware Targeting MacOS

    Casbaneiro Malware - An Emerging Banking Trojan

    FIN8 – Continues to Evolve its Toolkit

    July 2023

    New FiveSys Rootkit – A Microsoft-Signed Malicious Kernel Driver

    Ursnif - Evolutionary Exploits of a Banking Trojan

    CACTUS Ransomware – Concealed Binary Wrecking Havoc

    Muddled Libra – Embracing Helpdesk Impersonation

    June 2023

    KPMG Cyber Threat Intelligence Platform

    Shuckworm - Another Russian APT Targeting Ukraine

    Void Rabisu – Blurring Lines between APTs & Cyber Criminals

    Asylum Ambuscade – Straddling between Cybercrime and Cyber Espionage

    ViperSoftX – Targeting Password Managers & Cryptos

    May 2023

    Trigona - Emerging New Ransomware

    Mango Sandstorm - Rapidly Leveraging Latest Exploits

    ViperSoftX – Targeting Password Managers & Cryptos

    Cylance - Tale of a New Cross Platform Ransomware

    SocGholish – Hiding Behind the Masks

    April 2023

    QBot – Thriving With New Tactics

    Rorschach – New Fastest Ransomware in the Town

    Royal Ransomware – Stopping at Nothing

    March 2023

    YoroTrooper – Motivated by Geo-Political Interests

    Amadey – Return of the Malware Distributor

    Clop Ransomware – Reckless Data Exfiltration Spree

    PureCrypter – Proliferating Multiple Malware Families

    hardbit-2.0-01-mar-2023.pdf

    February 2023

    Vice Society – Low Effort, High Impact Ransomware

    Clop Ransomware - Honing its techniques

    Titan Stealer – Another Day, Another Stealer

    January 2023

    BianLian Ransomware – Smart, Fast & Stealthy

    Play Ransomware – A New Formidable Threat

    GodFather – Massacring the Android Defenses

    December 2022

    Jester Stealer – Not a Joke

    Raspberry Robin – The new popular worm

    BlackByte : Learning from its Mistakes

    November 2022

    Aurora Stealer – Botnet turned MaaS turned Stealer

    Daxin Backdoor - Over-engineered for Stealth

    RapperBot – Swiftly building upon Mirai

    APT 42 – A con artist with phony tricks

    October 2022

    Magniber - The Single Client Ransomware

    Bumblebee – The new buzz among malware loaders

    September 2022

    Loci Locker - A Painfully Mischievous RaaS

    Evilnum - Evolved As Cyber Demon?

    Shikitega - Stealthy Sophisticated Malware

    Haron Ransomware

    August 2022

    Raccoon Stealer - Simple Yet Effective

    RedLine Stealer - A Cheap and Versatile malware

    MedusaLocker Ransomware: In-force and Compact !

    July 2022

    Karakurt: The Conti Extortion Arm

    ToddyCat APT : Both perilous and quiet !!

    Bronze Starlight - Ransomware for Intelligence theft

    MuddyWater: A Confederation of Thieves

    June 2022

    LuoYu - A near impossible man on the side Attacker !

    Panchan Botnet – Proliferating through SSH

    Follina : Another Troublemaker in Cyber Market!

    May 2022

    Black Basta : Yet another Rebrand?

    Remote Takeover of F5's Big-IP

    Bitter APT : An Intelligence Accumulator!

    April 2022

    NOKOYAWA: Another Stealthy Ransomware!

    SunCrypt Ransomware : Maze Re-incarnated

    March 2022

    Zeoticus 2.0 : an offline payload executer!

    Copy no Jutsu : Sidecopy emulates Sidewinder to confuse security community

    Cuba Ransomware : Incited by Hancitor

    The Lapsus$ Group: Brazen, notorious and chaotic extortionists

    February 2022

    Lazarus Group - The Most Notorious Group

    White Rabbit: FIN8 Group's New Pet ?

    Sugar Ransomware - RaaS for common man?

    BlackCat Ransomware - Known for its sophistication
