Threats and Vulnerabilities
EclecticIQ Retrospective: A Look at the Themes & Events That Shaped the 2023 Cyber Landscape
As the year draws to a close, EclecticIQ’s Intelligence & Research Team looked back on the 2023 cyber landscape: from the evolving tactics of Chinese state-sponsored cyber operations, the increasing integration of ...
Navigating Cyber Challenges: Biden’s AI Executive Order, Ransomware Attack on German Municipalities
President Biden Signs Executive Order to Enhance AI Safety And Security in The US On October 30, 2023, President Biden issued an Executive Order (EO) [] focusing on the safe, secure, ...
Flax Typhoon targeting Taiwan, Ransomware Emphasizing Linux-Centric Payloads
Flax Typhoon: Microsoft Uncovers Espionage Tactics Targeting Taiwan Microsoft has detected malicious activities primarily targeting Taiwanese organizations by a nation-state actor named Flax Typhoon, which is believed to be ...
FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware
FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware According to the Symantec Threat Hunter Team, the financially motivated threat actor known as FIN8 has been observed using ...
8Base Ransomware Surge; SmugX Targeting European Governments; Russian-Linked DDoS Warning
Surge in 8Base Ransomware Operations Raises Questions of Connections to Phobos and RansomHouse In June 2023, activity related to 8base ransomware operations increased significantly, although the exact reason for this surge ...
Creative Ransomware Extortion; Further Malware Capabilities With ChatGPT
The Blackcat-Western Digital Ransomware Cyberattack Serves a Good Example of How Extortion Techniques Will Change Risk And Impact For Targeted Victims Threat actors were able to tap into webcams of employees at ...
3CX Incident Attributed to North Korea; New LockBit MacOS Sample
Mandiant Attributes 3CX Supply Chain Attack to North Korean Activity Cluster On April 11, 2023, 3CX reported that Mandiant - who investigated the supply chain attack using a digitally signed 3CXDesktopApp installer ...
Exposed Web Panel Reveals Gamaredon Group’s Automated Spear Phishing Campaigns
Executive Summary On February 09, 2023, EclecticIQ analysts identified a spear phishing campaign targeting Ukrainian government entities like the Foreign Intelligence Service of Ukraine (SZRU) and Security Service of Ukraine (SSU). Analysts ...
Dark Pink APT Group Strikes Government Entities in South Asian Countries
Executive Summary In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malwares which are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. The latest attacks, which ...
Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain
Executive summary In May 2020 EclecticIQ Intelligence and Research Team published a report () on phishing lures impersonating the maritime industry. This research offers new insights and update on the topic. The ...
