#StopRansomware: Phobos Ransomware

February 29, 2024 at 10:42AM The joint Cybersecurity Advisory (CSA) highlights the Phobos ransomware threat, observed as recently as February 2024. It describes the ransomware’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs), and provides recommendations from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information …

From Alert to Action: How to Speed Up Your SOC Investigations

February 27, 2024 at 06:15AM Security Operations Center (SOC) professionals rely on processing alerts swiftly. Threat intelligence platforms, such as ANY.RUN’s Threat Intelligence Lookup, facilitate SOC investigations by providing access to threat data and enhancing threat analysis. These platforms offer deeper visibility into threats, faster alert investigations, proactive threat hunting, and support for informed decision-making. From …

US Gov Issues Warning for Androxgh0st Malware Attacks

January 17, 2024 at 11:36AM CISA and FBI have issued a joint advisory warning about Androxgh0st malware creating a botnet to target vulnerable networks. The malware primarily targets .env files containing sensitive information for AWS, Microsoft Office 365, SendGrid, and Twilio. It can abuse SMTP for scanning, exploit stolen credentials and APIs, and deploy web …

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

November 21, 2023 at 11:29AM This joint Cybersecurity Advisory (CSA) aims to provide network defenders with information about the LockBit 3.0 ransomware and its exploitation of the CVE-2023-4966 vulnerability affecting Citrix NetScaler web application delivery control (ADC) and NetScaler Gateway appliances. The CSA includes tactics, techniques, and indicators of compromise (IOCs) obtained from various organizations, …