Threat actor activity using remote administration tools
This report provides information about a new technique used by threat actors, leveraging legitimate remote administration tools to infect computers
Read moreAuthor: SCILabs
Main initial access vectors in ransomware attacks
Overview Ransomware attacks represent one of the most critical cyber threats, given the increasing number of organizations affected each month
Read moreThreat Profile: Red BerryMiner
Red BerryMiner Objective This report analyses the modus operandi, TTPs, infrastructure, and tools used by a threat group named by
Read moreURSA/Mispadu: Overlap analysis with other threats
Overview In the current threat landscape in Latin America, the Malteiro cybercriminal group (operators of the URSA/Mispadu banking trojan) has
Read moreNew BlackBelen malware: Man-in-the-Browser malware campaign targeting Mexico
Overview This post aims to describe the TTPs and provide IoCs of a new malware campaign that SCILabs called BlackBelen.
Read moreBeware of Emotet
The origin of Emotet Emotet, also known as Geodo and Heodo, is a trojan aimed at all types of users,
Read moreBlackParty Trojan
Overview The following post provides TTPs and IoCs identified by SCILabs related to a campaign detected in Mexico delivering a
Read moreA polymorphic malware distributed by USB devices in Mexico
In recent months, SCILabs detected a new threat distributed via USB devices with the ability to self-replicate, modify multiple operating
Read moreLokibot in Latin America
Overview The following post describes the identified TTPs and IOCs of a campaign analyzed by SCILabs, that is distributing Lokibot
Read moreCyber Threat Profile MALTEIRO
Overview The following post aims to analyze the modus operandi, infrastructure, tools, the malware used, and the TTPs
Read more