Dmitry Bestuzhev

@[email protected]
232 Followers
73 Following
74 Posts
Former Senior Director, CTI at BlackBerry,
Former GReAT Director in LatAm
linkedin.com/in/bestuzhev
#threatintel #cti #yara #malware
Dmitry BestuzhevApr 21
Back to here
Dmitry BestuzhevMay 14, 2024
https://www.linkedin.com/pulse/lazarus-group-targets-blockchain-developers-social-visual-bestuzhev-ije9e?utm_source=share&utm_medium=member_ios&utm_campaign=share_via
Lazarus Group Targets Blockchain Developers with Social Engineering and Visual Deception Techniques in Code.

Executive Summary The Lazarus Cluster, a notorious North Korean state-sponsored hacking organization, has been recently targeting blockchain developers worldwide. By leveraging open-source intelligence (OSINT), social engineering tactics, and visual deception techniques, the group aims to infect vic

Dmitry BestuzhevApr 18, 2024
https://www.linkedin.com/pulse/xagent-spyware-targeting-ios-devices-western-europe-dmitry-bestuzhev-xunle
XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities

Executive Summary: During a recent discussion between "Isabelle Quinn" and myself regarding the latest findings of iOS malware, we encountered new samples of interest. Following observations of activity from the Triangulation group a few days ago by Dmitry Melikov, we subsequently found a sample fro

Dmitry BestuzhevApr 12, 2024
https://blogs.blackberry.com/en/2024/04//lightspy-returns-renewed-espionage-campaign-targets-southern-asia-possibly-india
#lightspy Returns: Renewed #espionage Campaign Targets Southern Asia, Possibly India
#ios
LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India

After months of inactivity, the advanced mobile spyware LightSpy has resurfaced with expanded capabilities, targeting individuals in Southern Asia.

BlackBerry
Dmitry BestuzhevAug 17, 2023

#CubaRansomware Deploys New tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America https://blogs.blackberry.com/en/2023/08/cuba-ransomware-deploys-new-tools-targets-critical-infrastructure-sector-in-the-usa-and-it-integrator-in-latin-america

#cti #cve #detectionengineering

Cuba Ransomware Deploys New tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America

BlackBerry has discovered and documented new tools used by the Cuba ransomware threat group. The good news is that BlackBerry protects against Cuba ransomware.

BlackBerry
Dmitry BestuzhevAug 2, 2023

Our "Global Threat Intelligence Report" (Reporting Period: March 1 – May 31, 2023) is out https://www.blackberry.com/us/en/solutions/threat-intelligence/2023/threat-intelligence-report-august

#sigma #ttps #threatintelligence

BlackBerry Global Threat Intelligence Report — August 2023 Edition

This report by the BlackBerry Threat Research and Intelligence team provides the latest actionable and contextualized cyber intelligence to increase cyber resilience.

Dmitry BestuzhevJul 25, 2023
Decoding #RomCom: #Behaviors and Opportunities for Detection
https://blogs.blackberry.com/en/2023/07/decoding-romcom-behaviors-and-opportunities-for-detection/
#rules
Decoding RomCom: Behaviors and Opportunities for Detection

The threat actor behind the RomCom RAT has been particularly active since Russia’s invasion of Ukraine. In this report, we provide behavioral detection tips and YARA rules to detect exploits and payloads from RomCom’s recent campaigns.

BlackBerry
Dmitry BestuzhevJul 9, 2023
#RomCom Threat Actor Suspected of Targeting #ukraines NATO Membership Talks at the #NATO Summit https://blogs.blackberry.com/en/2023/07/romcom-targets-ukraine-nato-membership-talks-at-nato-summit
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit

The BlackBerry Threat Research and Intelligence team has uncovered malicious lures targeting guests of the upcoming NATO Summit who may be providing support to Ukraine. Our analysis leads us to believe that that the threat actor known as RomCom is likely behind this operation.

BlackBerry
Dmitry BestuzhevJul 5, 2023
EuropolJul 5, 2023

🚨 21 arrested for labour exploitation and 261 victims identified.
Authorities target food and delivery services, beauty salons, and transport and construction sectors during EU-wide Joint Action Days.
Press release ⤵️
https://www.europol.europa.eu/media-press/newsroom/news/21-arrested-for-labour-exploitation-and-261-victims-identified
#EMPACT https://t.co/Ch9jv4YpTF

🐦🔗: https://n.respublicae.eu/Europol/status/1676504589468672003

21 arrested for labour exploitation and 261 victims identified | Europol

Over 27 000 officers carried out inspections in a total of 11 360 locations in a range of sectors, including gastronomy, agriculture and the beauty industry, focusing in particular on the exploitation of non-EU nationals and refugees. Over the span of the action week, 65 839 individuals and 22 958 vehicles were checked. As a result of these checks, 57...

Europol
Dmitry BestuzhevJun 7, 2023

#RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based #Healthcare Providing Aid to #Refugees from #Ukraine

https://blogs.blackberry.com/en/2023/06/romcom-resurfaces-targeting-ukraine

RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based Healthcare Providing Aid to Refugees from Ukraine

In RomCom’s latest campaign, BlackBerry observed the threat actor targeting politicians in Ukraine who are working closely with Western countries, and a U.S.-based healthcare company providing humanitarian aid to refugees fleeing from Ukraine.

BlackBerry