How did a group of criminals come to be responsible for such a costly enterprise? Threat actors are distributed, and they don’t form one cohesive group, but the holes they’ve punched in organizations and governments through infiltration, compromises, and breaches have collectively amounted to this staggering estimate.
Prevailion’s Tailored Intelligence Team has detected two new criminal campaigns targeting the global financial industry with the EVILNUM malware, one of which became active on May 3rd, 2020. We have dubbed these new operations “Phantom in the [Command] Shell”.
Just shy of a week after Microsoft squeezed cyber criminals out of the prolific Necurs botnet infrastructure, threat actors like TA505 still maintain a foothold on networks throughout the world. Findings from Prevailion’s compromise intelligence platform on Wednesday showed the IP addresses TA505 have actively infected around the globe. Prevailion’s Chief Data Scientist Nate Winslow […]
Prevailion’s Tailored Intelligence team has followed an active supply chain attack that has been ongoing since late 2017. We named this campaign “PHPs Labyrinth.”
Prevailion’s Tailored Intelligence team has discovered new campaigns associated with the Gorgon Group, suspected Pakistan-based actors who previously operated the MasterMana botnet. While this group relied upon an amalgamation of multiple open-source and commercially available tools, they have proven themselves to be highly capable.