EDITO What are the supply chain threats? What’s a picture of the current situation? Since 2019, there has been a growing focus on third-party attacks. With good reason: CyberArck estimates in a study from 2022 that 71% of organizations suffered…
Author: CERT-W
FOCUS TECH MAUI Sources: https://www.cisa.gov/uscert/ncas/alerts/aa22-187a https://stairwell.com/wp-content/uploads/2022/07/Stairwell-Threat-Report-Maui-Ransomware.pdf https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/ Ransomware Activity Presentation of the figures collected by our tool on the data given by the RaaS platforms about their successful attacks. This graph gives an estimation of the number of victims…
FOCUS TECH Bumblebee Initial Access (TA0001) Execution (TA0002) Persistence (TA0003) Privilege Escalation (TA0004) Phishing: Spearphishing Attachment T1566.001 Command and Scripting Interpreter: Visual Basic T1059.005 Scheduled Task/Job T1053 Process Injection: Dynamic-link Library Injection T1055.001 Phishing: Spearphishing Link T1566.002 Windows Management Instrumentation…
DECRYPTION The marketplaces of stolen data Which type of data are sold? The different platforms of marketplaces sell different types of data. While some platforms are really focused on selling one specific “product” (eg. hacking forums where Initial Access to…
Overview Spring is a lightweight opensource application framework for Java. It allows for easy development and testing of Java applications. Spring is used to create Java enterprise applications. It provides means to build applications and supports different scenarios.…
FOCUS TECH Conti Kill Chain SOURCES : CERT-W: FROM THE FRONT LINE The First Responder Word READING OF THE MONTH We recommend the interview of Pompompurin, a cyber activist who’s work ranges from leaking the data of thousands of…
DECRYPTION THE RISE OF INITIAL ACCESS BROKERS As seen in the underground economy edition, the cybercriminal economy relies on the professionalization and specialization of its system. Among the main actors of this ecosystem, such as the Bullet Proof Hoster or…
TECH FOCUS SysJoker: Windows Version To produce this tech focus, we used data from: New SysJoker Backdoor Targets Windows, Linux, and macOS - Intezer CERT-W: FROM THE FRONT LINE The First Responder Word Reading Of The Month To learn more about…
THE ROLE OF DECRYPTION TOOL AGAINST THE RANSOMWARE THREAT The ransomware threat is increasing continuously and is now considered a national threat for countries, such as the US, France, or the UK. Last summer, the Virtual System Administrator (VSA) edited…
FOCUS TECH File Obfuscation Discover Cobalt Strike capabilities with the technical zoom of the month: To learn more about the given malwares: Cobalt Strike Training videos CERT-W: FROM THE FRONT LINE The First Responder Word We recommend the 2021 Benchmark…