Spotlight

November 2, 2021

Cyber security + Global news Kristóf Arleitner

The REvil is in the details

The REvil (also known as Sodinokibi) ransomware operation has taken the spotlight in recent years. The Russian group operates by direct attacks, and also in a ransomware-as-a-service (RaaS) model, through affiliates who provide access to networks, carry out ransomware attacks or negotiate on behalf of REvil. In the RaaS model, [...]


janos.pallagi

2 Results / Page 1 of 1

Background

May 20, 2019

Uncategorized János Pallagi

Incident response case study featuring Ryuk and Trickbot (part 2)

This is part 2 of our recent incident response study encountering a Trickbot infection. Initial compromise: Right after tricking a user into running the malicious Office macro on their machine, thus gaining code execution, the first-stage Trickbot executable is downloaded and executed. The first-stage payload is responsible for ...