Dmitry Bestuzhev

224 Followers
74 Following
73 Posts
Former Senior Director, CTI at BlackBerry,
Former GReAT Director in LatAm
linkedin.com/in/bestuzhev
#threatintel #cti #yara #malware
Lazarus Group Targets Blockchain Developers with Social Engineering and Visual Deception Techniques in Code.

Executive Summary The Lazarus Cluster, a notorious North Korean state-sponsored hacking organization, has been recently targeting blockchain developers worldwide. By leveraging open-source intelligence (OSINT), social engineering tactics, and visual deception techniques, the group aims to infect vic

XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities

Executive Summary: During a recent discussion between "Isabelle Quinn" and myself regarding the latest findings of iOS malware, we encountered new samples of interest. Following observations of activity from the Triangulation group a few days ago by Dmitry Melikov, we subsequently found a sample fro

LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India

After months of inactivity, the advanced mobile spyware LightSpy has resurfaced with expanded capabilities, targeting individuals in Southern Asia.

BlackBerry
Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America

BlackBerry has discovered and documented new tools used by the Cuba ransomware threat group. The good news is that BlackBerry protects against Cuba ransomware.

BlackBerry

Our "Global Threat Intelligence Report" (Reporting Period: March 1 – May 31, 2023) is out https://www.blackberry.com/us/en/solutions/threat-intelligence/2023/threat-intelligence-report-august

#sigma #ttps #threatintelligence

BlackBerry Global Threat Intelligence Report — August 2023 Edition

This report by the BlackBerry Threat Research and Intelligence team provides the latest actionable and contextualized cyber intelligence to increase cyber resilience.

Decoding RomCom: Behaviors and Opportunities for Detection

The threat actor behind the RomCom RAT has been particularly active since Russia’s invasion of Ukraine. In this report, we provide behavioral detection tips and YARA rules to detect exploits and payloads from RomCom’s recent campaigns.

BlackBerry
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit

The BlackBerry Threat Research and Intelligence team has uncovered malicious lures targeting guests of the upcoming NATO Summit who may be providing support to Ukraine. Our analysis leads us to believe that the threat actor known as RomCom is likely behind this operation.

BlackBerry

🚨 21 arrested for labour exploitation and 261 victims identified.
Authorities target food and delivery services, beauty salons, and transport and construction sectors during EU-wide Joint Action Days.
Press release ⤵️
https://www.europol.europa.eu/media-press/newsroom/news/21-arrested-for-labour-exploitation-and-261-victims-identified
#EMPACT https://t.co/Ch9jv4YpTF

🐦🔗: https://n.respublicae.eu/Europol/status/1676504589468672003

21 arrested for labour exploitation and 261 victims identified | Europol

Over 27 000 officers carried out inspections in a total of 11 360 locations in a range of sectors, including gastronomy, agriculture and the beauty industry, focusing in particular on the exploitation of non-EU nationals and refugees. Over the span of the action week, 65 839 individuals and 22 958 vehicles were checked. As a result of these checks, 57...

Europol

#RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based #Healthcare Providing Aid to #Refugees from #Ukraine

https://blogs.blackberry.com/en/2023/06/romcom-resurfaces-targeting-ukraine

RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based Healthcare Providing Aid to Refugees from Ukraine

In RomCom’s latest campaign, BlackBerry observed the threat actor targeting politicians in Ukraine who are working closely with Western countries, and a U.S.-based healthcare company providing humanitarian aid to refugees fleeing from Ukraine.

BlackBerry

Operation #CMDStealer : Financially Motivated Campaign Leverages CMD-Scripts and #LOLBaS for Online #Banking Theft in #Portugal, #Peru, and #Mexico

https://blogs.blackberry.com/en/2023/05/cmdstealer-targets-portugal-peru-and-mexico

#Brazil #Argentina #Chile

Operation CMDStealer: Financially Motivated Campaign Leverages CMD-Scripts and LOLBaS for Online Banking Theft in Portugal, Peru, and Mexico

An unknown, financially motivated threat actor, very likely from Brazil, is targeting Spanish- and Portuguese-speaking victims, with malicious LOLBaS tactics and CMD-based scripts to steal online banking access in Portugal, Mexico, and Peru.

BlackBerry