Microcin is here

In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a diplomatic entity. We attribute this campaign with high confidence to the SixLittleMonkeys (aka Microcin) threat actor. Read Full Article

Naikon’s Aria

Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we detected in 2017 and similarly reported in 2018. Read Full Article

YARA webinar follow up

If you read my previous blogpost, “Hunting APTs with YARA” then you probably know about the webinar we’ve done on March 31, 2020, After it we received a number of interesting questions and as I promised, I will try to answer them below. Read Full Article