VTPRACTITIONERS{ACRONIS}: Tracking FileFix, Shadow Vector, and SideWinder
Introduction We have recently started a new blog series called #VTPRACTITIONERS. This series aims to share with the community what other practitioners are able to research using VirusTotal from a technical point of view. Our first blog saw our colleagues at SEQRITE tracking UNG0002, Silent Lynx, and DragonClone. In this new post, Acronis Threat Research […]
Inside of the WASP’s nest: deep dive into PyPI-hosted malware
In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […]
APT43: An investigation into the North Korean group’s cybercrime operations
Introduction As recently reported by our Mandiant colleagues, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […]
More information
- Securing Windows and Office in a time of COVID-19: update policies, remote options
- Resolved: Production AIS Service Degradation – November 10
- Microsoft Internet Explorer CVE-2012-0010 Cross Domain Information Disclosure Vulnerability
- UK Data Privacy Watchdog Slashes BA Fine as Virus Bites
- Google will not be prosecuted for Street View Wi-Fi sniffing in Germany
- Microsoft Edge CVE-2016-0186 Scripting Engine Remote Memory Corruption Vulnerability
- New Trojan Used in Attacks Against SWIFT Member Banks
- SNMP Authentication Bypass Plagues Numerous Devices
- Twitter exposed some Android users’ protected tweets, and didn’t notice for over four years
- Snake alert! This ransomware is not a game…