Cyber Threat Intelligence perspectives on 2025

Multivariate signatures based on identification schemes

 View all
NetWalker ransomware

Netwalker is a type of ransomware that targets Windows-based systems. First discovered in August 2019, it has evolved throughout the rest of 2019 and into 2020. The FBI noted significant spikes in...

 Read more
Legitimate Sites used as Cobalt Strike C2s against Indian Government

Introduction Telsy Threat Intelligence team observed an attack against members of the Indian government or local institutions, which uses social engineering themes as an investigation for a cyber attack or...

 Read more
SimJacker, the SIM cards vulnerability

SimJacker is a SIM card vulnerability that allows cybercriminals to compromise any cell phone and spy on victims by simply sending an SMS text message.   What is SimJacker? The...

 Read more
The Web Shell

A Web Shell is a shell-like interface that enables a web server to be remotely accessed, often for the purposes of cyberattacks.   What is a Web Shell? A Web...

 Read more
CronRAT, the e-commerce malware

Experts have identified a new Linux RAT that was dubbed “CronRAT”. It stands out through its hiding place, as it can be found in different tasks which have a schedule-timeline...

 Read more
The BlackMatter ransomware

First seen in July 2021, BlackMatter is a Ransomware-as-a-Service (RaaS) tool that allows the ransomware‘s developers to profit from cybercriminal affiliates (i.e., BlackMatter actors) who deploy it against victims.  BlackMatter...

 Read more
Artificial intelligence and Cybersecurity between cyber defense and cyber attack

Abstract Artificial intelligence can be qualified as an ambivalent tool since it lends itself to being used both as a means to create cyber defense products and, unfortunately, as a...

 Read more
Double and triple extortion attacks

Initially, criminals exclusively used ransomware-related malware to restrict access to user data by encrypting files on individual or organizational devices.  In exchange for the decryption key, the victims had to...

 Read more
The Dharma ransomware

Dharma is a dangerous ransomware, identified as early as 2016, whose uniqueness lies entirely in its peculiar attack technique: the Dharma ransomware, in fact, is able to install itself on...

 Read more
Possible attack to Telco company in Middle East

Telsy Threat Intelligence team identified a possible Grunt Covenant multi-stage attack aimed at a major telecommunications company in Iran.   Introduction In this article, we will look at the different steps...

 Read more