Security Operations Center (SOC) Tier 1 and 2 analysts play a critical role in protecting organizational …
Author: Team-Cymru
Analysis of an Android Malware-as-a-Service Operation
Coper, a descendant of the Exobot malware family, was first observed in the wild in July 2021, targeting Colombian Android users. At that time, …
A Data-Driven Approach Based on Analysis of Network Telemetry
In this blog post, we will provide an update on our high-level analysis of QakBot infrastructure, following on from our previous …
Introduction
In this blog post, we will provide an update on our continued analysis and tracking of infrastructure associated with IcedID’s BackConnect (BC) protocol, a continuation of the analysis we …
A Data-Driven Approach based on Analysis of Network Telemetry
This blog post seeks to draw out some high-level trends and anomalies based on our ongoing tracking of QakBot command and …
Six reasons why going faster with Cyber Threat Reconnaissance is mission critical
Introduction
Cyber Threat Reconnaissance is a critical aspect of any cybersecurity strategy. With cyber attacks becoming more frequent …
Identifying Connected Infrastructure and Management Activities
Introduction
This blog post seeks to build on recent public reporting on campaigns attributed to SideCopy, a Pakistani-linked threat group. SideCopy has been active …