RisePro is an information-stealing malware that was first discovered in mid-December 2022. The earliest log recording from this malware, as of the time of this writing, was December 12th, 2022. The logs found were posted to Russian Market, which is a log shop that is like other markets, such as Genesis. There appeared to be multiple thousands of logs posted [2]. RisePro appears to be written in C++ and acts similarly to the “Vidar” malware. According to a Joe Sandbox analysis, RisePro exhib
smokeloader (3)
Cybersecurity researchers have published the inner workings of a new wiper called Azov Ransomware that's deliberately designed to corrupt data and "inflict impeccable damage" to compromised systems. Azov is the name of ransomware, malware that blocks access to files by encrypting them. It encrypts all files (except files with .ini, .dll, and .exe extensions) and appends the ".azov" extension to their filenames. Also, Azov drops ransom notes (the "RESTORE_FILES.txt" files) in all folders that i
Activity Summary - Week Ending on 12 August 2022:
- Red Sky Alliance identified 23,968 connections from new IP’s checking in with our Sinkholes
- ril.com Hit
- Analysts identified 765 new IP addresses participating in various Botnets
- Zeppelin Ransomware
- Exim
- SmokeLoader
- RapperBot
- AiTM Phishing
- BlenderBot
- PortDoor & CotSam
Link to full report: IR-22-224-001_weekly224.pdf
