Flavio Negrini

Oct 7, 2024 | securelist.com | Kaspersky ICS CERT |Anna Larkina |Flavio Negrini |Anna Pavlovskaya

IntroductionIn July 2021, a campaign was launched primarily targeting Russian government agencies and industrial enterprises. Shortly after the campaign started, we began tracking it, and published three reports in August and September 2024 through our threat research subscription on the threat actor we named Awaken Likho (also named by other vendors as Core Werewolf).

Oct 4, 2024 | securelist.com | Anna Larkina |Flavio Negrini |Alexander Kryazhev |Denis Sitchikhin

While trying to deliver malware on victims’ devices and stay on them as long as they can, sometimes attackers are using quite unusual techniques. In a recent campaign starting in 2022, unknown malicious actors have been trying to mine cryptocurrency on victims’ devices without user consent; they’ve used large amounts of resources for distribution, but what’s more, used multiple unusual vectors for defense evasion and persistence. One of these vectors was abusing the open-source SIEM “Wazuh” agent.

Oct 2, 2024 | securelist.com | Mohamad Amin Hasbini |Anna Larkina |Flavio Negrini |Dmitry Kalinin

IntroductionIn the ever-evolving landscape of cybersecurity, logs, that is information collected from various sources like network devices, endpoints, and applications, plays a crucial role in identifying and responding to threats. By analyzing this data, organizations can detect anomalies, pinpoint malicious activity, and mitigate potential cyberattacks before they cause significant damage. However, the sheer volume and complexity of logs often make them challenging to analyze effectively.

Oct 1, 2024 | securelist.com | Anna Larkina |Flavio Negrini |Dmitry Kalinin |Anna Pavlovskaya

Key Group, or keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group is known for negotiating with victims on Telegram and using the Chaos ransomware builder. The first public report on Key Group’s activity was released in 2023 by BI.ZONE, a cybersecurity solutions vendor: the attackers drew attention when they left an ideological note during an attack on a Russian user, in which they did not demand money.

Sep 24, 2024 | securelist.lat | Anna Larkina |Flavio Negrini |Eduardo Ovalle |Abdul Rhman Alfaifi

El rastreo web se ha convertido en un aspecto omnipresente de nuestra vida en Internet. Ya sea que naveguemos por las redes sociales o juguemos videojuegos, compremos productos o simplemente leamos artículos de noticias, el rastreo web funciona de forma discreta y silenciosa en nuestras sesiones de navegación, y cuenta con millones de procesadores en miles de centros de datos de todo el mundo funcionando sin parar y a pleno rendimiento.