Threat Spotlight: WarmCookie/BadSpace
Threat Actors: TA866 (also known as Asylum Ambuscade). Campaign Overview: WarmCookie is distributed through malspam and malvertising campaigns…
Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia
Threat Actors: Crypt Ghouls. Campaign Overview: Targeted Russian businesses and government agencies with ransomware. Target Regions (Or Victims): Russian businesses…
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
Threat Actors: UAT-5647 (also known as RomCom) - Russian-speaking group. Campaign Overview: Active since late 2023, targeting Ukrainian…
Stealer here, stealer there, stealers everywhere!
Threat Actors: Cybercriminals distributing information stealers, often via subscription services for novice hackers. Campaign Overview: Distribution of information…
Royal Mail Lures Deliver Open Source Prince Ransomware
Threat Actors: Unknown, likely using the Prince ransomware builder from GitHub. Campaign Overview: Ransomware campaign impersonating Royal Mail,…
Targeted Iranian Attacks Against Iraqi Government Infrastructure
Threat Actors: Iranian state-affiliated group, potentially linked to MOIS and APT34. Campaign Overview: Attacks on Iraqi government infrastructure…
BlindEagle flying high in Latin America
Threat Actors: BlindEagle (APT-C-36). Campaign Overview: Targeting entities in Latin America (primarily Colombia) with espionage and financial attacks. Target…
CloudSorcerer – A new APT targeting Russian government entities
Threat Actors: CloudSorcerer. Campaign Overview: Advanced persistent threat (APT) targeting Russian government entities, primarily for cyber espionage. Target Regions…
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
Threat Actors: APT41, Chinese cyber-espionage group, also known as Double Dragon. Campaign Overview: Evolution of LightSpy malware with…
OSINT Updates for November 24, 2024
https://twitter.com/officer_cia/status/1860507851195609273
https://twitter.com/RedPacketSec/status/1860564662917501120
https://twitter.com/RedPacketSec/status/1860561745145713112
https://twitter.com/RedPacketSec/status/1860564664167408058
https://twitter.com/SpyCollection1/status/1860577641645957138
https://twitter.com/RedPacketSec/status/1860561734571892904
https://twitter.com/RedPacketSec/status/1860564667791258032
https://twitter.com/RedPacketSec/status/1860561743933554774