In the ever-evolving landscape of cybersecurity, the battle against threats demands a multi-faceted approach. Organizations, now more than ever, need to leverage comprehensive Threat Intelligence to stay ahead of adversaries. At the forefront of this defense is Sekoia.io, a leading…
Category: Sekoia.io Blog
The Architects of Evasion: a Crypters Threat Landscape
In this report, we introduce key concepts and analyse the different crypter-related activities and the lucrative ecosystem of threat groups leveraging them in malicious campaigns. La publication suivante The Architects of Evasion: a Crypters Threat Landscape est un article de…
NoName057(16)’s DDoSia project: 2024 updates and behavioural shifts
Context Since the onset of the War in Ukraine, various groups identified as “nationalist hacktivists” have emerged, particularly on the Russian side, to contribute to the confrontation between Kyiv and Moscow. Among these entities, the pro-Russian group NoName057(16) has garnered…
The Predator spyware ecosystem is not dead
Context In September and October 2023, several open source publications, part of the Predator Files project coordinated by the European Investigative Collaborations, exposed the use of the Predator spyware by customers of Intellexa surveillance solutions. The intrusion set related to…
Playbooks on-prem
Automation plays a pivotal role in streamlining operations, enhancing security posture, and minimizing risks. However, executing automation tasks can still be challenging for organizations with on-premises infrastructure due to technical complexities and constraints. To address this challenge, Sekoia.io has recently…
Scattered Spider laying new eggs
This report provides an overview of the Scattered Spider evolution, its modus operandi and the toolset leveraged over the past years. Additionally, it delves into the Scattered Spider TTPs, as well as the latest ongoing campaigns, including their current targets.…
How Sekoia Endpoint Agent works
According to Global Cybersecurity Outlook 2024 by WEF, 29% of organizations reported that they had been materially affected by a cyber incident in the past 12 months. Due to increasing risks and expanded attack surface, companies seek to establish reliable…
How Sekoia Endpoint Agent works
According to Global Cybersecurity Outlook 2024 by WEF, 29% of organizations reported that they had been materially affected by a cyber incident in the past 12 months. Due to increasing risks and expanded attack surface, companies seek to establish reliable…
Adversary infrastructures tracked in 2023
Context Throughout 2023, Sekoia.io’s Threat Detection & Research (TDR) team actively tracked and monitored adversary C2 infrastructures set up and used by lucrative and state-sponsored intrusion sets to carry out malicious cyber activities. Our analysts identified more than 85,000 IP…
Adversary infrastructures tracked in 2023
Context Throughout 2023, Sekoia.io’s Threat Detection & Research (TDR) team actively tracked and monitored adversary C2 infrastructures set up and used by lucrative and state-sponsored intrusion sets to carry out malicious cyber activities. Our analysts identified more than 85,000 IP…