Category: Reports & Threat Intel

Who are latest targets of cyber group Lyceum?

By Accenture Cyber Threat Intelligence and Prevailion Adversarial Counterintelligence Team Prevailion’s Adversarial Counterintelligence Team and Accenture’s Cyber Defense group are teaming up to jointly utilize their respective proprietary data and expert analysis to deliver timely and in-depth security research. Our goal is to provide insights into threat actor tactics, targets, and campaigns to deliver actionable […]

Diving Deep into UNC1151’s Infrastructure: Ghostwriter and beyond

Introduction: Prevailion’s Adversarial Counterintelligence Team (PACT) is using advanced infrastructure hunting techniques and Prevailion’s unparalleled visibility into threat actor infrastructure creation to uncover previously unknown domains associated with UNC1151 and the “Ghostwriter” influence campaign.  UNC1151 is likely a state-backed threat actor [1] waging an ongoing and far-reaching influence campaign that has targeted numerous countries across […]

ESG Technical Validation: Compromise Intelligence to reduce Cyber Risk

Fill out the form below and get your free copy of the report.

Cert Safari: Leveraging TLS Certificates to Hunt Evil

  Proactively hunting for malicious infrastructure is a persistent puzzle for threat researchers to work and solve.  It is a complex and evolving problem, made more complex (though not unmanageable) by Domain Privacy and GDPR, which obscure WHOIS information that Analysts and Researchers would otherwise use to identify trends and corroborate other observations to increase confidence […]

Word writing text Threat Intelligence. Business concept for analyzed and refined information about potential attacks.

Lower the Price Tag of a Data Breach with Threat Intelligence

Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle.  This year’s report found that […]

The Gh0st Remains the Same

Prevailion’s Tailored Intelligence Team has detected a new advanced campaign dubbed – “The Gh0st Remains the Same.” This first campaign likely commenced between May 11th and 12th, 2020. In this engagement, the victims received a compressed RAR folder that contained trojanized files.

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.