BPL Side-Loading: technique exploited by threat actors in LATAM
Overview The purpose of this post is to provide information on a technique disclosed in May of 2024 and recorded
Read moreAuthor: SCILabs
Threat actor activity using remote administration tools
This report provides information about a new technique used by threat actors, leveraging legitimate remote administration tools to infect computers
Read moreMain initial access vectors in ransomware attacks
Overview Ransomware attacks represent one of the most critical cyber threats, given the increasing number of organizations affected each month
Read moreThreat Profile: Red BerryMiner
Red BerryMiner Objective This report analyses the modus operandi, TTPs, infrastructure, and tools used by a threat group named by
Read moreURSA/Mispadu: Overlap analysis with other threats
Overview In the current threat landscape in Latin America, the Malteiro cybercriminal group (operators of the URSA/Mispadu banking trojan) has
Read moreNew BlackBelen malware: Man-in-the-Browser malware campaign targeting Mexico
Overview This post aims to describe the TTPs and provide IoCs of a new malware campaign that SCILabs called BlackBelen.
Read moreBeware of Emotet
The origin of Emotet Emotet, also known as Geodo and Heodo, is a trojan aimed at all types of users,
Read moreBlackParty Trojan
Overview The following post provides TTPs and IoCs identified by SCILabs related to a campaign detected in Mexico delivering a
Read moreA polymorphic malware distributed by USB devices in Mexico
In recent months, SCILabs detected a new threat distributed via USB devices with the ability to self-replicate, modify multiple operating
Read moreLokibot in Latin America
Overview The following post describes the identified TTPs and IOCs of a campaign analyzed by SCILabs, that is distributing Lokibot
Read more