Syndicated Blog

Resources
Picus continuously assesses your security controls with automated attacks to mitigate gaps and enhance your security posture against real threats.
TTPs used by DEV-0586 APT Group in WhisperGate Attack Targeting Ukraine

On January 15, 2021, Microsoft Threat Intelligence Center (MSTIC) published a blog post stating that nation-state threat group DEV-0586 has been conducting destructive malware operations on Ukrainian organizations. In this blog, we ...
Picus Threat Library Is Updated for Flagpro Malware of BlackTech Group

Picus Labs has updated the Picus Threat Library with new attack methods for Flagpro malware of BlackTech. BlackTech APT group BlackTech (also known as Circuit Panda, Radio Panda, TEMP.Overboard, HUAPI, Palmerworm) is ...
TTPs and IOCs Used by MuddyWater APT Group in Latest Attack Campaign

United States Cyber Command (USCYBERCOM) issued an alert today (January 13, 2022), reporting malicious cyber operations by Iranian MOIS (Ministry of Intelligence and Security) sponsored MuddyWater APT (advanced persistent threat) group. MuddyWater ...
10 Lessons Learned from the Top Cyber Threats of 2021

2021 was a busy year for the cyber security community. Emerging threats posed many challenges to security professionals and created many opportunities for threat actors. Picus has curated a list of the ...
Picus Threat Library Is Updated for Trojans Targeting Banks in Latin America

Picus Labs has updated the Picus Threat Library with new attack methods for Krachulka, Lokorrito, Zumanek Trojans that are targeting banks in Brazil, Mexico, and Spain. In this blog, techniques used by ...
The Log4j Vulnerability Remediation with WAF and IPS

The Apache Log4j vulnerability wreaking havoc has a far greater impact than anticipated. We published a detailed blog post about the CVE-2021-44228 Log4j vulnerability and its exploitation on Friday, 10th December. However, ...
Simulating and Preventing CVE-2021-44228 Apache Log4j RCE Exploits

Picus Labs has updated the Picus Threat Library with attacks that exploit CVE-2021-44228 Remote Code Execution (RCE) vulnerability affecting Apache Log4j - the ubiquitous Java logging library. What is the CVE-2021-44228 Log4j ...
Picus Is Updated for Godzilla Webshell Used by APTs Exploiting CVE-2021-44077

Picus Labs has updated the Picus Threat Library with new attack methods for the Godzilla webshell used by APT (advanced persistent threat) actors exploiting CVE-2021-44077 unauthenticated remote code execution (RCE) vulnerability in ...
The Red Report 2021

Welcome to The Picus Red Report 2021. Based upon research conducted by Picus Labs, this report highlights the ten most common MITRE ATT&CK tactics and techniques used by adversaries over the last ...
TTPs Used by the Iranian APT Exploiting Exchange and Fortinet Vulnerabilities

US CISA (Cybersecurity and Infrastructure Security Agency), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert ...