Detection engineering at scale: one step closer (part three)
Table of contents: Do not leave out all the rest; Monitoring detection rules; Detection...
2025-3-5 09:47:16 | Views: 7
Over Security - Cybersecurity news aggregator - blog.sekoia.io
dashboards
kpis
monitoring
rejection
malicious
PolarEdge: Unveiling an uncovered IOT Botnet
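The report analyzes how the PolarEdge botnet exploits CVE-2023-20118 to attack a range of devices, including Cisco routers, Asus, QNAP and Synology, and describes in detail the malware's structure, infrastructure and potential threat...
2025-2-25 08:31:21 | Views: 100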
Over Security - Cybersecurity news aggregator - blog.sekoia.io
payload
attacker
polaredge
analysis
asus
Cyber threats impacting the financial sector in 2024 – focus on the main actors
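This article analyzes the cyber threats and state-sponsored intrusion activity targeting the financial sector in 2024. Initial access brokers (IABs), ransomware, malware and phishing attacks pose a serious threat to financial institutions. At the same time, state-sponsored APT groups from countries such as North Korea, Iran and China further increase the risk through cyber espionage, financial gain and destructive activity. These activities not only cause financial losses and reputational damage but also highlight the fragility of the financial ecosystem and the importance of supply chain security...
2025-2-20 09:1:18 | Views: 23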
Over Security - Cybersecurity news aggregator - blog.sekoia.io
ransomware
phishing
sponsored
lucrative
apts
Sekoia.io achieves ISO 27001 compliance
2025-2-13 07:2:13 | Views: 33
Over Security - Cybersecurity news aggregator - blog.sekoia.io
RATatouille: Cooking Up Chaos in the I2P Kitchen
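This article analyzes the multi-stage remote access trojan I2PRAT, which evades detection through techniques such as privilege escalation, process migration and dynamic API resolution, and uses the I2P anonymity network to hide its C2 communications. In addition, the malware disables Windows Defender features and creates a persistent service to ensure long-term presence...
2025-2-11 13:47:15 | Views: 30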
Over Security - Cybersecurity news aggregator - blog.sekoia.io
c2
i2prat
cnccli
loader
privileges
Detection engineering at scale: one step closer (part two)
Table of contents: The catalyst: an approach to detection engineering at scale; Detect...
2025-2-4 09:47:42 | Views: 18
Over Security - Cybersecurity news aggregator - blog.sekoia.io
crucial
catalyst
parsers
sekoia
development
Targeted supply chain attack against Chrome browser extensions
Table of contents: Context; Supply chain attack overview; Targeted phishing attacks agai...
2025-1-22 11:46:25 | Views: 45
Over Security - Cybersecurity news aggregator - blog.sekoia.io
chrome
malicious
phishing
chatgpt
c2
Transition from IBM QRadar to Sekoia for a modern & rewarding experience
Table of contents: Benefit from a cloud-native SOC platform; Leverage cutting-edge det...
2025-1-20 12:1:30 | Views: 26
Over Security - Cybersecurity news aggregator - blog.sekoia.io
sekoia
qradar
security
sigma
cti
Sneaky 2FA: exposing a new AiTM Phishing-as-a-Service
Table of contents: Introduction; Characteristics of Sneaky 2FA; URL patterns; Anti-bot and...
2025-1-16 09:46:34 | Views: 30
Over Security - Cybersecurity news aggregator - blog.sekoia.io
phishing
sneaky
microsoft
analysis
Double-Tap Campaign : Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
This report was originally published for our customers on 12 December 2024. Tab...
2025-1-13 09:17:25 | Views: 42
Over Security - Cybersecurity news aggregator - blog.sekoia.io
hatvibe
kazakhstan
0063
malicious
sekoia
PlugX worm disinfection campaign feedbacks
Table of contents: From theory to practice; PlugX worm disinfection campaign results; Co...
2024-12-26 09:31:25 | Views: 14
Over Security - Cybersecurity news aggregator - blog.sekoia.io
tdr
autonomous
plugx
sinkhole
Happy YARA Christmas!
Table of contents: What is YARA?; YARA rules at Sekoia.io; Rule creation process; Custom t...
2024-12-19 09:17:16 | Views: 19
Over Security - Cybersecurity news aggregator - blog.sekoia.io
sekoia
malicious
tdr
ariane
analysis
Detection engineering at scale: one step closer (part one)
Table of contents: A Two-Faced issue; Attackers on the rise; Defense all over the place; P...
2024-12-16 09:16:52 | Views: 27
Over Security - Cybersecurity news aggregator - blog.sekoia.io
microsoft
aitm
attackers
faced
The story behind Sekoia.io Custom Integrations
Since launching in 2017, Sekoia.io has made a name for itself with its groundbreak...
2024-12-12 16:47:19 | Views: 12
Over Security - Cybersecurity news aggregator - blog.sekoia.io
sekoia
hackathon
creativity
stage
amazing
Blocklist in Sekoia
On a calm Friday afternoon, rumors of a new active threat start hitting the vario...
2024-12-3 18:46:39 | Views: 16
Over Security - Cybersecurity news aggregator - blog.sekoia.io
sekoia
security
blocklist
network
dates
Helldown Ransomware: an overview of this emerging threat
This report on Helldown was originally published for our customers on 14 November...
2024-11-19 16:1:25 | Views: 34
Over Security - Cybersecurity news aggregator - blog.sekoia.io
ransomware
helldown
zyxel
analysis
darkrace
A three beats waltz: The ecosystem behind Chinese state-sponsored cyber threats
What's next...
2024-11-13 23:16:23 | Views: 23
Over Security - Cybersecurity news aggregator - blog.sekoia.io
clickfix
tactic
mssp
outsourced
revenge
ClickFix tactic: Revenge of detection
This report on ClickFix was originally published for our customers on 22 October 2...
2024-11-5 16:16:22 | Views: 21
Over Security - Cybersecurity news aggregator - blog.sekoia.io
clickfix
powershell
network
mshta
payload
ClickFix tactic: The Phantom Meet
Table of contents: Context; ClickFix in the wild; Chronological overview of ClickFix cam...
2024-10-17 16:46:26 | Views: 9
Over Security - Cybersecurity news aggregator - blog.sekoia.io
clickfix
traffers
payload
sekoia
c2
Mastering SOC complexity: Optimizing access management with Sekoia Defend
Table of contents: Managing access across teams: The challenge in SOC models; How Seko...
2024-10-10 17:46:58 | Views: 11
Over Security - Cybersecurity news aggregator - blog.sekoia.io
security
sekoia
defend
segregation
intakes