1 day 21 hours ago
In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.
1 week 1 day ago
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.
Nikita Nazarov, Vasily Davydov, Natalya Shornikova, Vladislav Burtsev, Danila Nasonov
1 week 3 days ago
ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.
1 week 4 days ago
How is technical attribution carried out? What are the key challenges in conducting reliable technical attribution? How can this be more accessible to the multitude of stakeholders? Below are our reflections on these questions.
Ivan Kwiatkowski, Anastasiya Kazakova, Julia Ryng, Kenddrick Chan
Subscribe to Securelist feed
2 hours 28 minutes ago