Cyberint

Petah Tikva, Israel
2009
Oct 7, 2021   |  By Cyberint Research
Vidar Stealer previously used the Thumbler and Faceit gaming platforms to access dynamic configuration from threat actors. New campaigns of Vidar Stealer's more recent versions suggest a new venue where Vidar receives dynamic configurations and dropzone information for downloading and uploading files.
Sep 9, 2021   |  By Cyberint Research
Details of a high severity remote code execution (RCE) vulnerability in Microsoft's proprietary browser engine 'MSHTML', also known as 'Trident', were released by Microsoft on September 7, 2021, and promptly followed by reports of active exploitation in the wild.
Sep 5, 2021   |  By Cyberint Research
CVE-2021-26084, a critical vulnerability (CVSS score 9.8) in Atlassian Confluence Server and Confluence Data Center, is currently being actively and widely exploited by threat actors.
Sep 1, 2021   |  By Cyberint Research
Cyberint Research observed several unsolicited malicious email (malspam) campaigns in August 2021 through which Masslogger was delivered. First noticed around April 2020, Masslogger is a popular .NET credential stealer used to gather credentials from victims for various applications, and is readily available to purchase on cybercriminal forums for around $100 (US).
Aug 18, 2021   |  By Cyberint Research
First observed in 2020 and advertised on various cybercriminal forums as a 'Malware-as-a-Service' (MaaS) threat, Redline is an information stealer mainly targeting Windows victims' credentials and cryptocurrency wallets, as well as browser information, FTP connections, game chat launchers, and OS information such as system hardware, process names, time zone, IP, geolocation information, OS version, and default language.
Aug 15, 2021   |  By Cyberint Research
Launched in September 2019 and formerly known as 'ABCD', LockBit is a ransomware-as-a-service (RaaS) threat that was updated in June 2021 and improved on the group’s earlier claims of having the fastest encryption process on the ransomware scene (Figure 1). Much like other RaaS offerings, LockBit operates an affiliate profit sharing program in which up to eighty percent of a ransom payment can be earned whilst the operators claim the remainder.
Aug 11, 2021   |  By Cyberint Research
Believed active since mid-2020, Conti is a big game hunter ransomware threat operated by a threat group identified as Wizard Spider and offered to affiliates as a ransomware-as-a-service (RaaS) offering. Following the lead of other big game hunter ransomware groups, Conti adopted the double extortion tactic, also known as 'steal, encrypt and leak', in order to apply additional pressure on victims to pay their ransom demands and avoid sensitive or confidential data being exposed.
Aug 8, 2021   |  By Cyberint Research
Recently published by Lionel Gilles, an offensive security researcher based in France, 'PetitPotam' is a proof-of-concept (PoC) tool used for NT LAN Manager (NTLM) relay attacks that, when executed properly, grants threat actors the ability to take over a Windows Active Directory (AD) domain, including domain controllers (DC), where Active Directory Certificate Services (ADCS) are used.
Jul 26, 2021   |  By Cyberint Research
Cyberint Research observed a number of unsolicited malicious email (malspam) campaigns throughout July 2021 in which Agent Tesla has been used to deliver 'Oski Stealer' to a variety of targets worldwide. First observed around November 2019, Oski Stealer is a popular threat, used to gather credentials and/or financial data from victims, and is readily available to purchase on various cybercriminal forums, typically advertised by a threat actor known as 'oski_seller', for around US$70-100.
Jul 22, 2021   |  By Cyberint Research
First coming to light as a local elevation of privilege vulnerability affecting pre-release versions of Windows 11 (Figure 1), subsequent investigations into the issue, namely sensitive registry hive files being accessible to all users when 'System Protection' is enabled, confirm that it also affects Windows 10. Initially dubbed 'HiveNightmare' and 'SeriousSAM' by security researchers, CVE-2021-36934 has been assigned to this vulnerability although the CVSS score has yet to be determined.
Oct 12, 2021   |  By Cyberint
What are the 5 most important advantages our customers cited for implementing Digital Risk Protection? Watch the interview our CEO, Yochai Corem, gave at Improvate Cyber Tech Summit to learn.
Jul 12, 2021   |  By Cyberint
Cyberint CEO, Yochai Corem, comments on the recent REvil Ransomware's supply chain attack on Kaseya and what measures companies should take to prevent being affected.
Jan 11, 2021   |  By Cyberint
Jan 10, 2021   |  By Cyberint
Yochai Corem, our CEO on the importance of Digital Risk Protection to online businesses
Mar 22, 2020   |  By Cyberint
The connection between threat intelligence and threat hunting. Cyberint launched a managed threat hunting offering enabling our customers to identify threats targeting their business and hunt down threats within the organization.
Sep 23, 2019   |  By Cyberint
Leveraging a unique risk profiling scorecard, CyberInt is launching a packaged solution for retailers and eCommerce players to address the specific cybersecurity and fraud challenges they face, to ensure business operations and continuity, and to protect their customer and employee data as well as brand reputation.

Best-in-class managed intelligence suite. We help you identify emerging threats, verify your security posture, and respond effectively to reduce their impact.

CyberInt's Managed Detection and Response services span the globe and include some of the top finance, retail and telecommunication organizations, allowing our customers to combat and respond to advanced cyber threats that would normally go unnoticed by standard security controls, while protecting their brand, digital assets and customers.

Solutions:

  • Threat Intelligence: Real-time monitoring of threats in the deep, dark and open web such as phishing and malware campaigns, brute-force and credential stuffing threats, data leakage, including personally identifiable information (PII), and fraudulent activity.
  • Digital Risk: Digital footprint discovery and ongoing monitoring of organizations’ cloud and external facing assets. Ensuring visibility into assets with severity-based prioritization of issues to address, highlighting related threats, vulnerabilities, and weaknesses.
  • Threat Hunting: Driven by Cyberint proprietary intelligence and custom detections, the service provides a continuous hunt for threats across the IT and infrastructure. Leveraging 3rd party EDR-agnostic technology and SOAR, we deploy proprietary automated playbooks to contain and mitigate threats within minutes.
  • Cybersecurity Assessment: Testing applications and infrastructure’s resilience to cyberattacks, to identify weaknesses and loopholes in your security posture.

Intelligence-driven Detection & Response, leveraging a threat intelligence suite, threat hunting, and threat mitigation and response services.