Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

COVID-19 & Cyber Threats Report

As the ongoing COVID-19 (Coronavirus) pandemic spreads around the world, the unprecedented and evolving global situation has created numerous opportunities for threat actors to leverage the worldwide concern and anxiety in their nefarious campaigns. Cyberint Research is closely monitoring the cyber threats leveraging the COVID-19 pandemic. As part of those activities, our team compiled a summary addressing the initial activities we detected.

Konni Malware Campaign

Throughout 2019, CyberInt Research observed multiple events related to Konni, a remote administration tool observed in the wild since early 2014. The Konni malware family is potentially linked to APT37, a North Korean cyber espionage group active since 2012. The group's primary victims are South Korean political organizations, as well as Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts of the Middle East.

Threat Hunting with The MITRE ATT&CK Framework

As a result of this ever-increasing volume and sophistication, SOCs and SIEMs using traditional, reactive measures are overwhelmed. More and more organizations are turning to detection and response solutions that combine threat intelligence and cyber expertise to uncover and remediate threats as early as possible, and to mitigate the risk of future attacks.

Reduce Time To Remediate Threats: Lessons from a major US retailer

2019 has become another record-breaking year in eCommerce. This unprecedented growth has a dark side - since an overwhelming 71% of security incidents are financially motivated, digital retailers are becoming even more attractive targets for cyber attacks and fraud. As we near 2020, digital retailers will have to work hard to protect their digital assets. Here are a few factors that will make this task harder than ever.

Awarding CyberInt's Security Efforts

CyberInt researchers invest significant time and effort into researching and trying to mitigate the next cyber attack. In addition, breach reports that detail the mode of attack and how it was discovered are published freely with the aim of sharing the knowledge. While this is not the purpose behind our research, it is nice to be recognized. We have been amassing awards and recognition recently, and have been identified as a Top 100 MSSP (Managed Security Services Provider).

The Risks of Smartphone and MFA Usage in Organizations

Smartphones have become essential in workplaces for boosting productivity, but they bring their own set of security challenges. Apps like Microsoft Authenticator add an extra security layer, but they also have their vulnerabilities: If a smartphone with an app like Microsoft Authenticator is compromised, the consequences can be severe for a company.

BianLian Ransomware: Victimology and TTPs

BianLian is a threat actor known for operating the BianLian ransomware. Initially, it emerged as an Android banking trojan back in 2019. Much like the traditional Chinese art of “face-changing” from which it takes its name, BianLian has displayed impressive adaptability. It has transitioned its activities to primarily focus on ransomware attacks, first appearing as a ransomware strain in July 2022.