Banking Keylogger leverages EmpireShell Framework
Introduction: At the beginning of July 2017, ActiveCanopy Cyber Operations Center was called to support an incident response for a healthcare network system. During the incident response, a malicious file was identified on a compromised host on the network system. After some investigative research, it…
May QBot Persistence and Attack Details
Introduction: In May 2017, ActiveCanopy’s Cyber Operations Center was contacted to support and investigate an incident on an enterprise network of over 7,500 hosts at a non-profit organization. Subsequent analysis determined that the incident was an ongoing infection affecting over 2000 hosts, including the…
Hackers Favorite Phishing Spot
The growth of phishing attacks in both frequency and sophistication continues to be a high threat, with tradecraft showcasing deceptive, spear, and fraudulent techniques in one campaign. These cyber criminals have adapted to recognize user behavior, luring those in organizations that must conduct specific services…
Categories
- Cyber Analytics (5)
- Cyber Hunting Blog (3)
- Cyber Market (2)
- Cyber Orchestration (2)
- Deep / Dark Web (1)
- Endpoint Monitoring (2)
- Incident Response (3)