Background APT-C-36, also known as Blind Eagle, is believed to be a
South American espionage group that has been operational since 2018. The
group's targets include government institutions in South America
(primarily Colombia), as well as significant...
Background Earlier this year, Red Canary Intelligence posted a blog
about a worm, named Raspberry Robin, that spreads over removable
external drives and utilizes compromised QNAP devices as
command-and-control servers. The adversary has also been dub...
Background Ragnar Locker is a ransomware gang that made its global debut
around late 2019, early 2020, targeting multiple large organizations on
the Windows operating system in efforts to extort cryptocurrency
(usually BTC) in exchange for data. Ragn...
Background In September 2021, Google TAG Researchers shared their
observations about a threat actor they referred to as EXOTIC LILY,
classifying them as Initial Access Brokers (IABs), working closely with
Russian Cyber Crime Gang FIN12 (FireEye). Act...
At NetWitness, our methodology has always been to cater our community
the means of accelerated threat detection, by making relevant resources
available in the form of plugins, integrations, parsers, detection
content, feeds and much more.The cloud co...
