Category: Sekoia.io Blog

The Filigran x Sekoia.io partnership announcement is an opportunity to put the spotlight back on the benefits of the integration between OpenCTI and Sekoia Threat Intelligence. La publication suivante Combining Sekoia Intelligence and OpenCTI est un article de Sekoia.io Blog. This article…

Read more →

This blog post provides an in-depth analysis of PikaBot, focusing on its anti-analysis techniques implemented in the different malware stages. La publication suivante PikaBot: a Guide to its Deep Secrets and Operations est un article de Sekoia.io Blog. This article…

Read more →

This time, we’re not revealing a new cyber threat investigation or analysis, but I want to share some insights about the team behind all Sekoia Threat Intelligence and Detection Engineering reports. Let me introduce you to the Sekoia TDR team.…

Read more →

This report was originally published for our customers on 14 May 2024. Executive summary Introduction On the eve of 2024, an election year in which more than 54% of the world’s population will be called to the polls, the pro-Russian…

Read more →

This report was originally published for our customers on 14 May 2024. Executive summary Introduction On the eve of 2024, an election year in which more than 54% of the world’s population will be called to the polls, the pro-Russian…

Read more →

The managed security service market is blooming. Statista states it’s projected to reach 65.53 billion U.S. dollars in 2028. Although this forecast looks promising, MSSPs still compete and seek the right tools to manage multiple clients and enhance their offerings.…

Read more →

In the constantly evolving cybersecurity landscape, Sekoia.io is at the forefront of crafting sophisticated detection engineering strategies. This blog post dives into our approach to security and more specifically in the creation of detection rules. Aimed at both our existing…

Read more →

This report was originally published for our customers on 2 May 2024. As part of our critical vulnerabilities monitoring routine, Sekoia’s Threat & Detection Research (TDR) team deploys and supervises honeypots in different locations around the world to identify potential…

Read more →

Executive Summary Introduction 2024 marks a pivotal moment in global politics as an unusual number of elections have and will take place across various nations, encompassing approximately 54% of the world’s population. Elections serve as keystone events in democratic societies,…

Read more →

Key Takeaways In September 2023, we successfully sinkholed a command and control server linked to the PlugX worms. For just $7, we acquired the unique IP address tied to a variant of this worm, which had been previously documented by…

Read more →

The global shift towards cloud computing is undeniable. According to Statista, the worldwide public cloud computing market continues to grow and is expected to reach an estimated 679 billion U.S. dollars in 2024. AWS, Azure and Google Cloud services dominate…

Read more →

The global shift towards cloud computing is undeniable. According to Statista, the worldwide public cloud computing market continues to grow and is expected to reach an estimated 679 billion U.S. dollars in 2024. AWS, Azure and Google Cloud services dominate…

Read more →

A broad introduction to AWS logs sources and relevant events for detection engineering La publication suivante AWS Detection Engineering est un article de Sekoia.io Blog. This article has been indexed from Sekoia.io Blog Read the original article: AWS Detection Engineering

Read more →

In 2024, the lines between EDR and XDR are becoming blurred. More and more vendors offer platforms that combine endpoint, network, cloud, and email security. All these tools are designed to block threats, though they differ in terms of scope…

Read more →

Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.…

Read more →

This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security…

Read more →

This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security…

Read more →

Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.…

Read more →

Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT) TL;DR Introduction On 25 January 2024 Microsoft released public guidance on…

Read more →

Indicators of Compromise (IOCs) serve as signals, hinting at potential security breaches or ongoing cyberattacks. These indicators consolidated in a single database range from IP addresses to file hashes and act as early warning signs, enabling organizations to detect and…

Read more →