Former Senior Director, CTI at BlackBerry,
Former GReAT Director in LatAm
linkedin.com/in/bestuzhev
#threatintel #cti #yara #malware
https://blogs.blackberry.com/en/2024/04//lightspy-returns-renewed-espionage-campaign-targets-southern-asia-possibly-india
#lightspy Returns: Renewed #espionage Campaign Targets Southern Asia, Possibly India
#ios
#CubaRansomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America https://blogs.blackberry.com/en/2023/08/cuba-ransomware-deploys-new-tools-targets-critical-infrastructure-sector-in-the-usa-and-it-integrator-in-latin-america
Our "Global Threat Intelligence Report" (Reporting Period: March 1 – May 31, 2023) is out https://www.blackberry.com/us/en/solutions/threat-intelligence/2023/threat-intelligence-report-august
Decoding #RomCom: #Behaviors and Opportunities for Detection
https://blogs.blackberry.com/en/2023/07/decoding-romcom-behaviors-and-opportunities-for-detection/
#rules
#RomCom Threat Actor Suspected of Targeting #ukraines NATO Membership Talks at the #NATO Summit https://blogs.blackberry.com/en/2023/07/romcom-targets-ukraine-nato-membership-talks-at-nato-summit
🚨 21 arrested for labour exploitation and 261 victims identified.
Authorities target food and delivery services, beauty salons, and transport and construction sectors during EU-wide Joint Action Days.
Press release ⤵️
https://www.europol.europa.eu/media-press/newsroom/news/21-arrested-for-labour-exploitation-and-261-victims-identified
#EMPACT https://t.co/Ch9jv4YpTF
🐦🔗: https://n.respublicae.eu/Europol/status/1676504589468672003
#RomCom Resurfaces: Targeting Politicians in Ukraine and U.S.-Based #Healthcare Providing Aid to #Refugees from #Ukraine
https://blogs.blackberry.com/en/2023/06/romcom-resurfaces-targeting-ukraine
Operation #CMDStealer : Financially Motivated Campaign Leverages CMD-Scripts and #LOLBaS for Online #Banking Theft in #Portugal, #Peru, and #Mexico
https://blogs.blackberry.com/en/2023/05/cmdstealer-targets-portugal-peru-and-mexico
#SideWinder Uses Server-side #Polymorphism to Attack #Pakistan Government Officials — and is Now Targeting #Turkey
https://blogs.blackberry.com/en/2023/05/sidewinder-uses-server-side-polymorphism-to-target-pakistan
@aboutsecurity @rsaconference So we are all set for our talk today. See you there!
Next week, Wed Apr 26, @aboutsecurity and I are presenting at #RSAC2023 our work: "macOS: Tracking High Profile Targeted Attacks, Threat Actors & TTPs"
@rsaconference
Supply chaining a supply chain attack
#DoubleSupply attack
So Jacob F and I are presenting at #BSidesNYC2023 tomorrow, Sat Apr 22, 2023, our work "Hunting for #RomCom RAT inside of the context of the war in #ukraine"
See you there!
@bsidesnyc
"From Google Ads Abuse to a Massive Spear-Phishing Campaign Impersonating Spain’s Tax Agency" https://blogs.blackberry.com/en/2023/04/massive-spear-phishing-campaign-impersonating-spain-tax-agency
Initial Implants and Network Analysis Suggest the #3CX Supply Chain Operation Goes Back to Fall 2022 https://blogs.blackberry.com/en/2023/03/initial-implants-and-network-analysis-suggest-the-3cx-supply-chain-operation-goes-back-to-fall-2022
#NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting #Ukraine
https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine
@danonsecurity and Kelly Molloy will be at #NICAR23 this week for a hands-on session! Learn how to use DNSDB Scout to discover previously unknown online connections to advance your ongoing and breaking news investigations. Sign up here: https://schedules.ire.org/nicar-2023/#2096
#BlindEagle Deploys Fake #UUE Files and #Fsociety to Target Colombia's Judiciary, Financial, Public, and Law Enforcement Entities
https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia