5 Techniques for Collecting Cyber Threat Intelligence

October 16, 2024 at 06:36AM

To combat cyber threats effectively, organizations must stay informed about the threat landscape. Analysts can strengthen investigations with techniques such as pivoting on command-and-control IPs, analyzing URLs, mapping activity to MITRE ATT&CK TTPs, applying YARA rules, and examining command-line artifacts. ANY.RUN's TI Lookup tool supports these workflows. Meeting Takeaways: Cyber …

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

February 28, 2024 at 12:26PM

The Lazarus Group exploited a zero-day flaw in the Windows AppLocker driver to gain kernel-level access and disable security tools. Avast analysts reported the activity, which led to a fix by Microsoft (CVE-2024-21338). Lazarus's new FudModule rootkit includes advanced evasion techniques. Avast also discovered a previously undocumented RAT used …

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

January 18, 2024 at 09:12AM

Google has warned that the Russian threat group ColdRiver, known for phishing attacks, is also developing custom malware. Tracked under names including Star Blizzard and Callisto Group, the group is linked to Russia's FSB. The US and UK governments have issued warnings and sanctions. Google discovered the Spica backdoor malware used for cyberespionage …