Threat Intelligence

2022 Olympic Winter Games: Prime Ground for Phishing Lures?

Threat actors have notoriously taken advantage of the Olympic Games's popularity to launch malicious campaigns. The "OlympicDestroyer" malware was most notable, using a domain related to the Pyeongchang 2018 Winter Olympics. But the COVID -- 19 bubble in the 2022 Olympic Winter Games may have increased the danger.

Malicious Valentine: Uncovering Thousands of Connections to Romance-Themed Campaign IoCs

Romance-themed malicious campaigns are launched throughout the year, but days leading up to Valentine’s Day could be particularly timely for such activities.

The Irony: Data Privacy Sites Bring Risks Instead of Protection

Many countries celebrate Data Privacy Awareness Week every last week of January. Each year, the National Cyber Security Alliance (NCSA) makes it a point to remind users about the importance of keeping their digital data safe from all kinds of threat actors. In fact, they commemorated this year's Data Privacy Awareness Week with various events.

Exploring BlackTech IoCs Reveals Hundreds of Artifacts in 2022

BlackTech, an APT group known for cyber espionage activities targeting Asia, was recently detected using a new malware called “FlagPro.” NTT Security named some indicators of compromise (IoC) related to the new campaign, including five IP addresses and two subdomains.

REvil Ransomware: What Can We Learn from Published IoCs in 2022?

Ransomware has been one of the biggest threats to Internet users the world over since the malware first surfaced. REvil was one of the most notorious ransomware variants of 2021, pushing the U.S. Department of State to offer a US$10 million reward to anyone who can name and locate REvil gang leaders and up to US$5 million for any of their affiliates in November.

65,000+ NFT-Related Domains and Subdomains: Possible Vehicles for NFT Scams?

Non-fungible token (NFT) scams can come in various forms, but one thing is sure: the threat actors behind them often use domain names, fake websites, and phishing emails.

Illegally Streaming “Spider-Man: No Way Home” Could Be Hazardous to Your Computer

Given the dangers that COVID-19 poses to people's health and the emergence of new variants every so often, it's easy to see why avid moviegoers would resort to streaming instead. But while they may indeed be avoiding the disease, their attempts to download pirated movies is not only illegal -- it could put their computers at risk.

New Zloader Campaign: Where Do IoCs Lead Us?

Zloader, a banking malware that steals sensitive user data, is back with a more sophisticated infection chain. It evades detection while exploiting Microsoft's digital signature verification method.

Gift Cards, Anyone? Watch Out for Fraud and Malware Hosts

Giving gifts the whole year round is normal, but a whole boatload of presents are bought and sold most especially during Christmas and holiday seasons. The end-of-year holidays, unfortunately, also usher in the greatest number of gift card scams. But the world's biggest brands are no longer newbies to the threat, which is why Amazon, iTunes, and Target, among many others, have put up pages where scam victims can report malicious sites and pages.

Log4j Vulnerability: What Do the IoCs Tell Us So Far?

A zero-day vulnerability found in Log4j, a logging library commonly used in Java, was detected on 9 December 2021. The vulnerability known as "CVE -- 2021 -- 44228" or "Log4Shell" enables attackers to execute codes and access all data on an infected machine remotely.