The BI.ZONE Threat Intelligence team has discovered a fresh campaign by Scaly Wolf. The threat actors tried out a new method of delivering their malware to infected systems... but failed.

tinyurl.com/qmmO3YkN

Cyber Polygon 2024, September 10–11. Registrations open in June.

The online cybersecurity training will run jointly with MENA ISC 2024. Corporate teams from across the world are welcome to participate.

Live stream from the Cyber Polygon booth.

bit.ly/3WkjVxg

The BI.ZONE Threat Intelligence team discovered a new Cloud Werewolf campaign spearphishing government employees with MS Office attachments.

Learn how the attackers evaded defenses in our latest research.

bitly.ws/3h2H9

Fluffy Wolf uses reconciliation reports to deliver malware and legitimate remote access tools to victim computers. Find out more in our latest research.

bitly.ws/3gksv

BI.ZONE uncovers a campaign by Mysterious Werewolf, a group first detected in 2023.
The attackers continue to use phishing and CVE-2023-38831 to run malware in target systems—this time, with the help of their own backdoor RingSpy.
Read on bitly.ws/3fFkP

We launched BI.ZONE Cyber Polygon Platform

The platform is designed for individual training and helps professionals to hone their skills in forensics, security assessment, and threat monitoring.

Learn more: bit.ly/3wyRZuQ

Our threat intelligence team has been tracking Scaly Wolf since summer 2023. The activity cluster is targeting Russian organizations with the White Snake stealer.

Learn more about their TTPs and campaigns: bitly.ws/3bVDH

Great news! OFFZONE 2024 is scheduled for August 22–23 in Moscow

As always, the focus will be on exclusive technical content and fun activities like badge customization, soldering, tattooing, and much more.

Tickets will go on sale a little later.
bit.ly/3S1MFaw

BI.ZONE Threat Intelligence taxonomy of threat actors was expanded to include hacktivists (Hyenas), in addition to state-sponsored Werewolves and financially motivated Wolves.

bit.ly/3vak6zM

New SANS Institute Threat Analysis Rundown with Katie Nickels and guest speaker head of #threatintelligence at BI.ZONE Oleg Skulkin
November 30th, 1:00 pm ET
Set your reminder now! youtube.com/watch?v=rj-Q8O…

BI.ZONE Threat Intelligence discovered a group active since 2019. Attackers disguise phishing emails as 1C:Enterprise invoices and gain full control over users' operations.

Learn more
bitly.ws/33JnJ

In our new research, we reveal how hackers use the malware-as-a-service model to attack Russian organizations.

We looked at seven malware families: Agent Tesla, FormBook, RedLine, DarkCrystal, White Snake, DarkGate, and SnakeKeylogger.

bitly.ws/33ggq

Recently, Cyble published a research on a hacker group that hit the Russian semiconductor suppliers. We are also monitoring this activity and successfully detected another attack. This time directed at Russia's manufacturing industry.

Learn more bitly.ws/ZXuh

In the newest guide from our series “The path to digital leadership,” we explain how companies can neutralize potential reputational impact after a cyber incident.

We also share guidelines and an incident management checklist for the PR department.

bit.ly/3FjaYed

Our cyber threat intelligence reports a new group which uses easily recognizable tools to attack public organizations.

In the new article, we detail these attacks and explain how to detect intrusionsattempts.

bit.ly/3QeZb6H

At SANS DFIR, Oleg Skulkin elaborated on how to investigate ransomware attacks when all you have is default sources of forensic artifacts.

Watch the video: youtu.be/_2mpW17UkLc?si…

More and more source code for ransomware, such as Babuk, Conti, and LockBit, is leaking online.

In our new research, we explore the tactics, techniques, and procedures of three cybercriminal groups that use leaked source codes and builders.

Download: bitly.ws/Ueyx

Our Cyber Threat Intelligence team detected a new White Snake campaign targeting Russian organizations. The stealer is distributed via phishing emails under the guise of official state requirements.

bit.ly/3OpHbob

Quartz Wolf uses legitimate software to remotely access compromised systems.

BI.ZONE CESP has detected and prevented one such attack.

Read on to learn more.
bit.ly/459k9c7

Recently, we discovered some activity from Red Wolf, a group that had been laying low since 2022.

We have prepared a technical article, describing how and why the criminals infiltrate corporate infrastructures, and what you can do about it.

bit.ly/3pq8mH4