Our Blog

Stay in the know with news and information published by Ideal Technologies and other top tech news outlets across the globe.

PRISM attacks manage to stay under the radar

AT&T AlienLabs has recently come across some ELF executables that caught our attention, as they had very low or zero anti-virus detections yet were flagged as malicious by our analysis systems. Upon inspection, we identified them...

Keksec and Tsunami-Ryuk

Keksec, known as Necro, has updated the algorithm used to generate new domains for a variant of the Tsunami DDoS malware, which has been seen in the wild for the first time. REFERENCES: https://www.lacework.com/keksec-tsunami-ryuk/...

APT41 likely behind supply chain attack to big airline heist

A security breach caused by a Chinese nation-state cyberattack in 2021 could have significant implications for the airline industry, according to security firm Group-IB. REFERENCE: https://blog.group-ib.com/colunmtk_apt41 TAGS:...

New Mirai Variant Targeting Network Security Devices

Researchers discovered a series of attacks leveraging a number of vulnerabilities. Upon successful exploitation, the attackers attempt to download a malicious shell script, which carries out further infection behaviors such as downloading and executing...

Prometheus Ransomware Gang: A Group of REvil

Prometheus is a new player in the ransomware world that uses similar malware and tactics to ransomware veteran Thanos. Prometheus leverages double-extortion tactics and hosts a leak site, where it names new victims and posts stolen data...

PuzzleMaker attacks with Chrome zero-day exploit chain

Researchers detected a wave of highly targeted attacks against multiple companies. Analysis revealed that all of these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. Microsoft assigned CVE-2021-31955 to the...

TeamTNT Using WatchDog Operations TTPs in Cryptojacking

Researchers have identified indicators traditionally pointing to the WatchDog cryptojacking group that have been incorporated into the tactics, techniques and procedures (TTPs) used by the TeamTNT cryptojacking group. While TeamTNT is...

Introducing Privilege Access Management

Security breaches hurt small businesses the most, and if you are a small business owner and become a data breach victim, recovery may be impossible. It is estimated that 60% of small businesses that experience a hack go out of business...

FIN7 infrastructure and tooling IOCs

Updated indicators of compromise for the FIN7 actor's malware tooling and infrastructure. REFERENCE: https://twitter.com/z0ul_/status/1401795127601991682 TAGS: FIN7, PowerShell, Carbanak, DiceLoader, BirdDog, Griffon ADVERSARY: FIN7...