On January 10, 2024, Ivanti issued a warning regarding two high-severity zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) in Ivanti Connect Secure VPN. These vulnerabilities allow for authentication bypass and command injection within the web components...
ThreeAM ransomware. Key findings. In this report are presented: Intrinsec’s CTI analysts unveil a new extortion scheme being tested by ThreeAM via X (previously known as Twitter). Bots could have been used to automatically name and shame amongst followers of its...
This publication is part 1 of 2 in the Kerberos OPSEC series. We are starting a series of articles in which we share a summary of the OPSEC practices to be taken into account on the red team side, and the detection strategies that can be put in place by SOC teams...
Context. During the first half of 2023, CERT Intrinsec handled several incidents involving the Akira ransomware group. Companies detected the ransomware’s presence, either by reacting to alerts triggered by their security solutions, or, in the worst case, by encountering...
Introduction to the Cyberscore scheme. As we live in an increasingly digitized world, the question of the security of our personal data remains a central concern. Who has not heard of a cyberattack in recent years? It is...
Here is a retrospective of the major trends observed by Intrinsec’s Cyber Threat Intelligence team for the month of September 2023. This cybercrime threat landscape analysis will particularly highlight: Increase of ransomware attacks between August &...
LummaC2 Stealer. Key findings. In this report are presented: Lumma Stealer, also known as LummaC2 Stealer, is a malware-as-a-service sold through Telegram and Russian-speaking cybercrime forums. In this report, the following will be addressed: The presence of Lumma in...
Cyber Threats targeting the energy industry. GuLoader Information report. Key findings. In this report are presented: The origin of the malware and information about the company running it. How multiple companies from the energy sector, including three French companies...
Here is a retrospective of the major trends observed by Intrinsec’s Cyber Threat Intelligence team for the month of August 2023. This cybercrime threat landscape analysis will particularly highlight: Decrease of ransomware attacks between July &...