An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial...
In this report we provide technical analysis of the GamePlayerFramework deployed by an APT we call DiceyF, which is targeting online casinos in Southeast Asia.
Black Hat 2022 USA Briefings wrapped up this past week, along with its sister conference Defcon 30. Coming back from the COVID hiatus, the conferences were enthusiastically full compared to the 2...
https://securelist.com/black-hat-usa-2022-and-def-con-30/107184/
Earlier, CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speak...
https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/
Verizon’s 2020 DBIR is out; you can download a copy or peruse their publication online. Kaspersky was a contributor once again, and we are happy to provide generalized incident data from our un...
A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target user...
https://securelist.com/ios-exploit-chain-deploys-lightspy-malware/96407/
Cyberwarcon is a brand new event that was organized yesterday in Arlington, Virginia, and delivered eight hours of fantastic content. The list of speakers was diverse in their interests, from big data vis...
Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what wer...
https://securelist.com/ksb-threat-predictions-for-2018/83169/
Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engine...
What is most interesting about the StrongPity APT's more recent activity, however, is their focus on users of encryption tools, peaking this past summer. In particular, the focus was on Italian an...