Threat Hunting Rule Extraction and Use Cases
TL;DR: You can now extract IOCs and behavioral indicators to a hunting rule format for your endpoint security system. This enables you...
Stay Ahead of the Latest Threats with Threat Family Tracking
TL;DR – You can now subscribe to threat actors/malware families in Intezer and receive notifications for new IoCs and detection opportunities. Staying...
Elephant Framework Delivered in Phishing Attacks Against Ukrainian Organizations
A recently developed malware framework called Elephant is being delivered in targeted spear phishing campaigns using spoofed Ukrainian governmental email addresses. The...
New Conversation Hijacking Campaign Delivering IcedID
This post describes the technical analysis of a new campaign detected by Intezer’s research team, which initiates attacks with a phishing email...
3 Ways to Save Incident Response Time
Save time during incident response with these tips and tools to help your team accelerate HD, memory, and live...
Detection Rules for Sysjoker (and How to Make Them With Osquery)
On January 11, 2022, we released a blog post on a new malware called SysJoker. SysJoker is a malware targeting Windows, macOS,...
New SysJoker Backdoor Targets Windows, Linux, and macOS
Malware targeting multiple operating systems has become no exception in the malware threat landscape. Vermilion Strike, which was documented just last September,...
Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Key Findings: Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratch. Linux malware is fully undetected by vendors. Has IoC and...
Intezer Analyze Transforms for Maltego
We are happy to introduce the Intezer Analyze plugin for Maltego. Combine insights from our malware analysis platform with Maltego’s graphical tool (And you...
How to Detect Cobalt Strike
Cobalt Strike is a penetration testing tool created by Raphael Mudge in 2012. To this day, it remains extremely popular both in...
Targeted Phishing Attack against Ukrainian Government Expands to Georgia
In May 2021, Fortinet published a report about the early stages of an ongoing phishing attack against the Ukrainian government. The attack, initially...