Anvilogic Forge Threat Research Reports
Here you can find an accumulation of trending threats published weekly by the Anvilogic team.
We curate threat intelligence to provide situational awareness and actionable insights
Atomic detections that serve as the foundation of our detection framework.
Risk, pattern, and sequence-based detections utilizing the outputs of Threat Identifiers as a means of identifying actual threats.
• Threat News Reports
• Trending Threat Reports
• ResearchArticles
Forge Report: First Half Threat Trends of 2024
Featured Threat Reports
All Threat Reports
Ukraine and Poland Targeted by New 'Prestige' Ransomware
Microsoft's Threat Intelligence Center reports 'Prestige' ransomware targeting organizations in Ukraine and Poland. The DEV-0960 group uses tools like RemoteExec and Impacket's WMIexec for deployment, with techniques including scheduled tasks, PowerShell commands, and group policy. The campaign is distinct from recent destructive attacks in Ukraine.
Russian Missile Attacks Disrupt Ukraine Telecommunication And Energy Infrastructure
Russian missile strikes on October 10th and 11th caused power outages and disrupted internet and mobile communications in Ukraine, reducing internet traffic by 35%. Critical infrastructure and services were impacted, prompting authorities to urge restricted use of mobile and electrical services. Ukraine relies on backup solutions and Starlink for connectivity.
COVID-19 Phishing Schemes Persist with Google Forms
Inky researchers report a spike in COVID-19 phishing schemes using Google Forms to steal credentials from small business owners. Attackers impersonate the SBA, tricking victims into disclosing sensitive information. With the upcoming winter months, expect an increase in such phishing emails. Verify communications from official sources only.
Pro-Russian Group Calls for Help in Launching DDoS Attacks
BleepingComputer reveals a pro-Russian group crowdsourcing DDoS attacks against Western countries, with financial incentives for participants. The project targets military and educational organizations in Ukraine and has over 400 members. Payouts range from 20,000 to 80,000 rubles for top contributors, highlighting the growing threat of organized cyberattacks.
New Attack Framework and RAT Strikes Impacts Windows, Linus and Mac Operating Systems
Cisco Talos discovers Alchimist, a new attack framework, and Insekt RAT, impacting Windows, Linux, and Mac OS. Written in Chinese, these tools enable remote access, system reconnaissance, and arbitrary command execution, highlighting the growing threat of cross-platform cyberattacks.
Magniber Ransomware Targets Home Users
HP's threat intelligence team tracks Magniber ransomware targeting home users with fake updates for anti-virus or Windows 10. The attack uses malicious JavaScript files to avoid detection, employing UAC bypass techniques and disabling system recovery. Ransom demands are at least $2,500 from affected victims.
.png)
Intelligence Levels for Threat Reports
Tactical
Detectable threat behaviors for response with threat scenarios or threat identifiers.
Strategic
General information security news, for awareness.
.png)
Whitepapers
The World's Best SOC Teams Use Anvilogic
.png)
.svg)
.svg)
.svg)
.svg)
.svg)
