Browsing CategorySecurity News

During the reported period, our MDR processed approximately 65 000 alerts, followed by an investigation that resulted in 1 506 incidents reported to customers, approximately 93% of which were mapped to the MITRE ATT&CK framework.

Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe.

We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.

Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). We are closely monitoring the situation and improving generic detection of these vulnerabilities.

We found new malware samples used in WildPressure campaigns: newer version of the C++ Milum Trojan, a corresponding VBScript variant with the same version number, and a Python script working on both Windows and macOS.

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims reportedly have been compromised a popular MSP software which led to encryption of their customers.

Last year, we took a look at how the pandemic influenced the threat landscape for gamers and the gaming industry. One year later, online gamers are even more active, and cybercriminals continue to exploit this.