XE Group: From Credit Card Skimming to Exploiting Zero-Days
Written by Nicole FIshbein, Joakim Kennedy and Justin Lentz Executive Summary This blog provides an in-depth analysis of XE Group’s recent operations based on a collaborative research effort with Solis Security. The team’s findings include detailed technical insights into the exploits used by XE Group, including their utilization of zero-day vulnerabilities (CVE-2024-57968 CVSS score 9.9, […]
Operation HamsaUpdate: A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk
Written by Nicole Fishbein and Ryan Robinson On December 19th, the Israel National Cyber Directorate released an urgent alert warning regarding a phishing campaign actively targeting Israeli customers using F5’s network devices. We’ve labeled this campaign Operation HamsaUpdate. It features the deployment of a newly developed wiper malware that targets both Windows and Linux servers. […]
Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers
Introduction Cryptomining malware, also known as cryptojacking or cryptocurrency mining malware, refers to software developed to take over a computer’s resources and use them for cryptocurrency mining without a user’s explicit permission. There are several reports documenting this newer malware breed and how it has become more popular in the last few years. Antd is a miner found in […]