Tag: Sekoia.io Blog

This report was originally published for our customers on 14 May 2024. Executive summary Introduction On the eve of 2024, an election year in which more than 54% of the world’s population will be called to the polls, the pro-Russian…

Read more →

The managed security service market is blooming. Statista states it’s projected to reach 65.53 billion U.S. dollars in 2028. Although this forecast looks promising, MSSPs still compete and seek the right tools to manage multiple clients and enhance their offerings.…

Read more →

In the constantly evolving cybersecurity landscape, Sekoia.io is at the forefront of crafting sophisticated detection engineering strategies. This blog post dives into our approach to security and more specifically in the creation of detection rules. Aimed at both our existing…

Read more →

This report was originally published for our customers on 2 May 2024. As part of our critical vulnerabilities monitoring routine, Sekoia’s Threat & Detection Research (TDR) team deploys and supervises honeypots in different locations around the world to identify potential…

Read more →

Executive Summary Introduction 2024 marks a pivotal moment in global politics as an unusual number of elections have and will take place across various nations, encompassing approximately 54% of the world’s population. Elections serve as keystone events in democratic societies,…

Read more →

Key Takeaways In September 2023, we successfully sinkholed a command and control server linked to the PlugX worms. For just $7, we acquired the unique IP address tied to a variant of this worm, which had been previously documented by…

Read more →

The global shift towards cloud computing is undeniable. According to Statista, the worldwide public cloud computing market continues to grow and is expected to reach an estimated 679 billion U.S. dollars in 2024. AWS, Azure and Google Cloud services dominate…

Read more →

The global shift towards cloud computing is undeniable. According to Statista, the worldwide public cloud computing market continues to grow and is expected to reach an estimated 679 billion U.S. dollars in 2024. AWS, Azure and Google Cloud services dominate…

Read more →

A broad introduction to AWS logs sources and relevant events for detection engineering La publication suivante AWS Detection Engineering est un article de Sekoia.io Blog. This article has been indexed from Sekoia.io Blog Read the original article: AWS Detection Engineering

Read more →

In 2024, the lines between EDR and XDR are becoming blurred. More and more vendors offer platforms that combine endpoint, network, cloud, and email security. All these tools are designed to block threats, though they differ in terms of scope…

Read more →

Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.…

Read more →

This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security…

Read more →

This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security…

Read more →

Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.…

Read more →

Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT) TL;DR Introduction On 25 January 2024 Microsoft released public guidance on…

Read more →

Indicators of Compromise (IOCs) serve as signals, hinting at potential security breaches or ongoing cyberattacks. These indicators consolidated in a single database range from IP addresses to file hashes and act as early warning signs, enabling organizations to detect and…

Read more →

In the ever-evolving landscape of cybersecurity, the battle against threats demands a multi-faceted approach. Organizations, now more than ever, need to leverage comprehensive Threat Intelligence to stay ahead of adversaries. At the forefront of this defense is Sekoia.io, a leading…

Read more →

In this report, we introduce key concepts and analyse the different crypter-related activities and the lucrative ecosystem of threat groups leveraging them in malicious campaigns. La publication suivante The Architects of Evasion: a Crypters Threat Landscape est un article de…

Read more →

Context Since the onset of the War in Ukraine, various groups identified as “nationalist hacktivists” have emerged, particularly on the Russian side, to contribute to the confrontation between Kyiv and Moscow. Among these entities, the pro-Russian group NoName057(16) has garnered…

Read more →

Context In September and October 2023, several open source publications, part of the Predator Files project coordinated by the European Investigative Collaborations, exposed the use of the Predator spyware by customers of Intellexa surveillance solutions. The intrusion set related to…

Read more →