Key findings This report presents: The Russian autonomous system PROSPERO (AS200593) could be linked with a high level of confidence to Proton66 (AS198953), another Russian AS, that we believe to be connected to the bulletproof services named ‘SecureHost’...
Key findings This report presents: The Regulations on the Management of Network Product Security Vulnerabilities (RMSV), an extension of China’s 2017 Cybersecurity Law, targeting hardware/software companies as well as cybersecurity researchers. The RMSV...
Key findings The online presence of “all_father”, the user advertising PandorahVNC. The capabilities of PandorahVNC and other known threat actors that were observed using it. An infrastructure related to PandorahVNC which is advertised as “anonvnc” and is linked with...
Key findings Code Signing Technology allows developers to digitally sign their programs, ensuring authenticity and integrity. This can be exploited by malicious actors to bypass security measures, gain privileges, and deceive users with seemingly legitimate...
Key findings How a pivot on the Whois of the C2 domains of Matanbuchus can be leveraged to anticipate future campaigns and wider threats. A seemingly Russia-based Bulletproof hosting service is currently used by impactful intrusion sets leveraging Matanbuchus and...
ThreeAM ransomware Key findings In this report are presented: Intrinsec’s CTI analysts unveil a new extortion scheme being tested by ThreeAM via X (previously known as Twitter). Bots could have been used to automatically name and shame amongst followers of its...