Detection Engineering Archives - Sekoia.io Blog
April 22 2025| Sekoia.io Blog
This report explores current trends in the AitM phishing landscape and the prevalence of leading kits. La publication suivante Global analysis of Adversary-in-the-Middle phishing threats est un article de Sekoia.io Blog.| Sekoia.io Blog
Analysis of the CVE-2025-32432 compromise chain by Mimo: exploitation, loader, crypto miner, proxyware, and detection opportunities.| Sekoia.io Blog
Discover ViciousTrap, a newly identified threat who turning edge devices into honeypots en masse targeting| Sekoia.io Blog
During our daily tracking and analysis routine at Sekoia TDR team (Threat Detection & Research), we have been monitoring an attacker infrastructure internally called “Cloudflare tunnel infrastructure to deliver multiple RATs”. This infrastructure is used by several actors to host malicious files and deliver remote access trojans (RAT). Several security vendors (Forcepoint, Fortinet, Orange, Proofpoint) […] La publication suivante Detecting Multi-Stage Infection Chains Madness est un...| Sekoia.io Blog
Introduction Interlock is a ransomware intrusion set first observed in September 2024 that conducts Big Game Hunting and double extortion campaigns. Interlock cannot be classified as a “Ransomware-as-a-Service” (RaaS) group, as no advertisements for recruiting affiliates or information about affiliates have been found as of March 2025. As many other ransomware groups, Interlock has a […] La publication suivante Interlock ransomware evolving under the radar est un article de Sekoia.io Blog.| Sekoia.io Blog
Discover how Lazarus leverages fake job sites in the ClickFake Interview campaign targeting crypto firms using the ClickFix tactic.| Sekoia.io Blog
ClearFake is a malicious JavaScript framework deployed on compromised websites to deliver malware through the drive-by download technique. When it first emerged in July 2023, the injected code was designed to display a fake web browser download page, tricking users into downloading counterfeit browser updates. By May 20241, ClearFake adopted the new social engineering tactic ClickFix, displaying fake error messages in the web browser and deceiving users into copying and executing a given mali...| Sekoia.io Blog
Discover PolarEdge, a newly identified botnet targeting edge devices via CVE-2023-20118, using a stealthy TLS backdoor.| Sekoia.io Blog
Delve into Finance-related cyber threats in 2024. Our report highlights major actors and tactics impacting the financial sector.| Sekoia.io Blog
Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.| Sekoia.io Blog
