🕵️ The OSINT - Open Source Intelligence course is permanently available in the virtual classroom for immediate access. 📲 WhatsApp: https://wa.me/51949304030 📌 https://www.reydes.com/archivos/cursos/Curso_OSINT_Open_Source_Intelligence.pdf #osint #opensourceintelligence #cybersecurity #threatintel #hreatintelligence #infosec #investigatons
Almost exactly one year ago, we announced the discovery of a new DNS C2 malware -- Decoy Dog. This remote access trojan had already been lurking for a year, undetected by the industry, and was essentially disguised as the open source tool Pupy. Our second research, released in July 2023, showed how different Decoy Dog was from Pupy and that it was being used by multiple distinct actors, almost certainly nation-state actors... but we had no idea where it was actually operating. We now know that the Russian security company, and others, have found Decoy Dog in the wild since then. They attribute attacks on Russian governments and critical infrastructure to Ukraine. We are confident there are multiple actors using the toolkit (see our second paper linked below). But we now have better insight into the types of devices that are being exploited. Also, PT shows active use of the DGA in Decoy Dog that we had disclosed in our second paper. This is a serious RAT, and hopefully the community will continue to report findings and share protection mechanisms. #dns #decoydog #malware #rat #cybercrime #cybersecurity #russia #ukraine #threatintel #hreatintelligence #infosec #pupy #infoblox #rat https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/hellhounds-operation-lahat/ https://blogs.infoblox.com/cyber-threat-intelligence/decoy-dog-is-no-ordinary-pupy-distinguishing-malware-via-dns/
Hellhounds: operation Lahat
