On my way to #DefCamp in Cluj-Napoca. Have a breakout session on Friday about real attacks handled by our SOC.
Looking forward to the sessions and discussions that will arise.
"🚨 DarkGate Loader Strikes via Microsoft Teams! 🚨"
Malspam campaigns involving DarkGate Loader have surged since its debut as a Malware-as-a-Service on cybercrime forums in June 2023. Previously delivered via email campaigns akin to Emotet, a twist emerged in August when an operator began exploiting Microsoft Teams. The malware was cunningly dispatched through HR-themed social engineering chat messages. 📩💼
Truesec's Cybersecurity Incident Response Team discovered that on August 29, compromised external Office 365 accounts were used to send Microsoft Teams chat messages. These messages cunningly persuaded recipients to download a malicious file. The senders, identified as “Akkaravit Tattamanas” and “ABNER DAVID RIVERA ROJAS”, had their accounts compromised and subsequently sold on the Dark Web. 🌐🔓
The malware, disguised as a file named “Changes to the vacation schedule.zip”, was later identified by Microsoft Defender as “BAT/Tisifi.A#”. A deep dive into the malware revealed its final payload as the DarkGate Loader. 📁🔥
For a comprehensive understanding of the DarkGate Loader and its capabilities, check out these articles:
To defend against such attacks, it's crucial to enhance security awareness and consider restricting Microsoft Teams chat requests to specific external domains. 🛡️🚫
Source: Truesec Blog
Tags: #DarkGateLoader #Malware #MicrosoftTeams #CyberSecurity #Malspam #SocialEngineering #Truesec 🌍🔒🖥️
We’re prepared, focused and excited to present our “Tales From the Dark Side” tomorrow (Friday) at 11:15 in Place du Canada at the annual @firstdotorg conference, #firstcon23.
#FIRST #incidentresponse #cybersecurity #presentation #TRUESEC #warstories
We at Truesec, a leading cyber security firm in Northern Europe, have just published our annual Threat Intelligence Report for 2023.
This report is a massive undertaking to produce, involving pretty much all parts of the organization.
Please let us know what you think, and help us shape future versions of the report. Your opinion and feedback matter.
https://www.truesec.com/hub/report/threat-intelligence-report-2023
Anonymous Sudan: most likely Russia disrupting Sweden's 🇸🇪 NATO application.
Today, the #Truesec #ThreatIntelligence Unit released a report which explains how "Anonymous Sudan" has nothing to do with the online activists collectively known as Anonymous.
A threat actor identifying themselves as “Anonymous Sudan” has been conducting denial-of-service (DDoS) attacks against multiple organizations in Sweden. Truesec has been investigating this group to shed light on their activities and help identify their true motives. Download the threat intelligence report "Anonymous Sudan" now!
New intelligence report by #Truesec: What is Anonymous Sudan?
Meet the guest for our first #JamfSecurityLounge - Fabio Viggiani, Chief Technical Officer at Truesec.
Fabio has extensive experience in leading red team assignments, incident response missions, and various types of security assessments and research.
Find out more and register ▶ https://hopin.com/events/security-lounge-february-2023/registration?utm_campaign=NORD-Security-Lounge&utm_source=NORD
#Jamf #JamfSecurityLounge #JamfTrustedAccess #Truesec #Cybersecurity #Cybersecurityawareness