Mar 12 · 5 min read · The Interlock ransomware group just crossed a line that cybersecurity experts have been dreading. They're using AI to generate custom malware variants, starting with something called Slopoly malware that's showing up in active attacks. This isn't som...
Mar 2 · 3 min read · The Threat: Microsoft Threat Intelligence has issued a warning about a campaign targeting gamers through fake versions of popular tools like Xeno and Roblox PlayerBeta. These trojanized executables are being distributed through browsers and chat platf...
Feb 19 · 3 min read · Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior. This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Alert Overview: From the monitoring page, we are pro...
Feb 17 · 3 min read · Today we’re investigating another LetsDefend alert: SOC282 – Phishing Alert: Deceptive Mail Detected. This alert focuses on identifying whether a suspicious email is malicious and determining the appropriate response actions. 🔎 Alert Overview: From ...
Feb 5 · 6 min read · Introduction: Ever wondered how antivirus software acts like a vigilant bouncer at a club, spotting troublemakers before they crash the party? Or how cybersecurity pros play detective, tracking elusive malware across the internet like fingerprints at ...
Feb 5 · 4 min read · Today, we are going to re-investigate SOC146 – Phishing Mail Detected (Excel 4.0 Macros). This alert is particularly interesting because I had investigated it almost a year ago, and revisiting it now helps reinforce how phishing investigations evolve ...
Feb 3 · 7 min read · Overview: CPR has observed a new phishing campaign being carried out by KONNI, an APT group active since at least 2014. The group is known for espionage operations targeting South Korea, focusing on the diplomatic community, international relations, non-... organizations ...