Blog (FR)

KrakenLabs' Threat Actors Naming Convention

09.mai.2023

Borja Rodriguez - Threat Hunting Team Lead at Outpost24

KrakenLabs has developed a new naming convention that uses poisonous plants to represent the origin and criminal activities of threat actors. This approach provides a creative way to classify different types of threat actors, allowing security professionals to quickly understand the nature and behavior of the threat actor, which is helpful for identifying and mitigating threats effectively.

Everything you need to know about the LummaC2 stealer: Leveraging IDA Python and Unicorn to deobfuscate Windows API Hashing

05.avr.2023

Alberto Marín, KrakenLabs Malware Sandbox Lead

In this blog post, the KrakenLabs team will take a deep dive into a malware sample classified as LummaC2, an information stealer written in C language that has been sold in underground forums since December 2022. We assess LummaC2’s primary workflow, its different obfuscation techniques (like Windows API hashing and encoded strings) and how to overcome them to effectively analyze the malware with ease. We will also analyze how networking communications with the C2 work and summarize LummaC2’s MITRE Adversarial Tactics, Techniques and Common Knowledge.

Traffers and the growing threat against credentials

28.Mar.2023

Beatriz Pimenta and Jacobo Blancas, KrakenLabs team

The Rising Threat of Traffers report, compiled by Outpost24’s Threat Intelligence team, KrakenLabs, provides a deep dive into the credential theft ecosystem, and encourages organizations to evaluate their security measures against these evolving threats.

Ransomware Report 2023: Targets, Motives, and Trends

07.fév.2023

Pol Casas, Jacobo Blancas & Alejandro Villanueva from the KrakenLabs team

Our annual Ransomware Report shares the latest trends and developments of the most active threat groups to help businesses better protect themselves

Cyber Threat Landscape Study 2023: Outpost24’s honeypot findings from over 42 million attacks

17.jan.2023

What are the most common cybersecurity threats facing your business? The 2023 Cyber Threat Landscape Study provides valuable threat intelligence to help you implement the appropriate security measures against real threats.

ISO 27002 puts Threat Intelligence center stage

02.déc.2022

The updated ISO 27002 adds 11 new controls spanning a range of security services, including the addition of threat intelligence control 5.7.

Threat Actor of the Month - Sodinokibi

16.nov.2022

Meet "Sodinokibi" this month, the threat group behind the eponymous Sodinokibi ransomware, also known as “REvil”, to understand their tactics and how you can better secure your system from this threat

Threat Actor of the Month - Guacamaya

17.oct.2022

Meet Guacamaya – a hacktivist group advocating for the indigenous people of Central America

Introducing GraceWrapper, TA505’s sophisticated post-exploitation enabler

12.oct.2022

David Catalán, Senior Reverse Engineer, Outpost24

Since its inception almost a decade ago and the MirrorBlast campaign, the threat actor group known as TA505 has continued to plague the financial, retail and restaurant sectors. Learn more about the GraceWrapper post-exploitation enabler and how its detection evasion technique works

Threat Actor of the Month - Shathak

19.Sep.2022

Meet Shathak – a threat group tied to malware used in the Russian-speaking underground targeting enterprises across different sectors in the Americas, Europe and Asia