Estimated reading time: 4 minutes
Over the past few months, job economy has been marked by uncertainty, with constant news about layoffs, restructuring, hiring freezes, and aggressive cost-cutting measures. This atmosphere has created widespread anxiety among both employees and organizations, and cybercriminals have quickly...Estimated reading time: 11 minutes
Operation FrostBeacon: Multi-Cluster Cobalt Strike Campaign Targets Russia Contents Introduction Key Targets Geographical Focus Industries Affected LNK Cluster Initial Access: Archive Delivery Phishing Email and Decoys Malicious LNK and HTA Loader Obfuscated PowerShell Payload CVE Cluster Phishing Emails Chaining...Estimated reading time: 11 minutes
Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – DUPERUNNER Implant Stage 3 – AdaptixC2 Beacon. Infrastructural Artefacts. Conclusion SEQRITE Protection....Estimated reading time: 10 minutes
Operation Hanoi Thief: Threat Actor targets Vietnamese IT professionals and recruitment teams. Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – Pseudo-Polyglot...Estimated reading time: 7 minutes
Introduction Redis is an open-source, in-memory data store widely used as a cache, message broker, and high-performance NoSQL database. It offers rich data structures like strings, hashes, lists, sets, sorted sets, bitmaps, HyperLogLogs, and streams, backed by atomic operations...
Estimated reading time: 17 minutes
Introduction Timeline Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Technical Analysis. Campaign – I The LNK Way. Malicious SILENT LOADER Malicious LAPLAS Implant – TCP & TLS. Malicious .NET Implant – SilentSweeper Campaign – II Malicious...
Estimated reading time: 10 minutes
Introduction In August 2025, a Telegram channel named “Scattered LAPSUS$ Hunters” surfaced, linking itself to notorious cybercrime groups: Scattered Spider, ShinyHunters, and LAPSUS$. The group quickly began posting stolen data, ransom demands, and provocative statements, reviving chaos once driven...
Estimated reading time: 9 minutes
Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings. Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – Malicious .NET Implant Hunting and Infrastructure. Conclusion Seqrite Protection. IOCs MITRE ATT&CK....
Estimated reading time: 10 minutes
Authors: Dixit Panchal, Soumen Burma & Kartik Jivani Table of Contents Introduction: Initial Analysis: Analysis of Decoy: Infection Chain: Technical Analysis: Infrastructure Hunting: Conclusion: Seqrite Coverage: IoCs: MITRE ATT&CK: Introduction: Seqrite Lab has been actively monitoring global cyber threat...Estimated reading time: 9 minutes
Content Overview Introduction Initial Vector Infection Chain Analysis of .SVG Attachment Analysis of .HTA file Analysis of .VBS file Analysis of .ps1 file Analysis of Downloader/Loader Anti-VM Technique Persistence Technique Download and Loader Function AsyncRAT Payload File MD5’s Quick...