Recent Posts
Related Families: Dtrack, Dora RAT, TigerRAT, SmallTiger, LightHand, ValidAlpha
Verticals Targeted: Military, Defense, Engineering, Technology, Education, Construction, Manufacturing, Gambling, Energy
Executive Summary
Last week, the US Department of Justice (DOJ) indicted Rim Jong Hyok, an individual allegedly affiliated with Silent Chollima. The group has been active since at least 2014 and is known to conduct espionage operations on behalf of North Korea.
Related Families: Macma, Suzafk
Verticals Targeted: NGO
Executive Summary
Evasive Panda recently updated its arsenal to include new TTPs and updated versions of existing malware. They were also observed using a shared framework for malware targeting Windows, Linux, MacOS, and Android systems.
Executive Summary
A Linux variant of Play ransomware has been observed that is capable of targeting ESXi environments.
Related Families: MuddyRot aka BugSleep
Verticals Targeted: Transportation, Government, Media, Travel
Executive Summary
Iran nexus threat actor group MuddyWater was recently observed using a new backdoor to target entities in the Middle East. Dubbed MuddyRot by Sekoia and BugSleep by Check Point Research, the backdoor appears to indicate a shift in MuddyWater’s TTPs.
Verticals Targeted: Real Estate, Education, Professional Services, Healthcare, Manufacturing
Executive Summary
Eldorado is a relatively new ransomware as a service (RaaS) that targets both Windows and Linux systems. The ransomware has already claimed 16 victims and is gaining momentum.
Executive Summary
Pakistan-based threat actor group Mythic Leopard was recently observed using new CapraRAT samples to expand their targeting.
Verticals Targeted: Technology, Education, Manufacturing, Transportation, Government